ATLANTA- Evgeny Tarasovich Levitskyy, a/k/a Vinchenco, a/k/a Vinch, a/k/a M.U.R.D.E.R.E.R, has been sentenced to 46 months in federal prison for conspiracy to commit bank fraud for his role as a "casher" (one who withdraws cash using stolen bank account information) in the 2008 hack of RBS WorldPay.
"The 2008 hack of RBS WorldPay was one of the worlds most sophisticated hacking and cashing schemes," said U. S. Attorney John Horn. "The team of hackers not only stole financial data from an American payment processors private servers, they were able to work in concert with a team of cashers stationed around the world. The cybercriminals stole over $9 million dollars in 12 hours from 2100 ATMs worldwide."
David J. LeValley, Special Agent in Charge, FBI Atlanta Field Office, stated: "Cyber crime and computer intrusions are no longer executed by lone individuals. Instead, they rely upon a complex online and real world ecosystem of criminal goods and services for hire, such as the cashing service operated by Mr. Levitskyy. His cashing service was a key component in an organized network of criminal services, which was leveraged to withdraw over $9 million dollars from RBS WorldPay. Outstanding levels of global cooperation among US and international law enforcement culminated in the arrest and sentencing of Mr. Levitskyy, which removed a key criminal service from the cyber criminal underground, thereby reducing the ability for cyber criminals to monetize cyber attacks."
"This case demonstrates the Secret Service is committed to protecting our nations critical financial infrastructure and payment systems," said Special Agent in Charge, Kenneth Cronin, United States Secret Service, Atlanta Field Office. "These types of cyber criminals use sophisticated hacking techniques to compromise computer systems and then utilize a global network of co-conspirators to withdraw millions of dollars from ATM machines from around the world. Our success in this case and other network intrusion investigations is a result of our close work with our domestic and international law enforcement partners."
According to U.S. Attorney Horn, the charges and other information presented in court: During November 2008, a team of hackers, including Estonian national Sergei Turikov and others, obtained unauthorized access into the computer network of RBS WorldPay, what was then the U.S. payment processing division of the Royal Bank of Scotland Group PLC, located in Atlanta, Georgia. The group used sophisticated hacking techniques to compromise the data encryption that was used by RBS WorldPay to protect customer data on payroll debit cards. Payroll debit cards are used by various companies to pay their employees. By using a payroll debit card, employees are able to withdraw their regular salaries from an ATM.
Once the encryption on the card processing system was compromised, the hacking ring raised the account limits on compromised accounts to amounts exceeding $1,000,000. The hackers then provided a network of cashers with 44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from over 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada. The $9 million loss occurred within a span of less than 12 hours. In addition, the hacking crew stole files containing 45.5 million pre-paid payroll and gift card numbers.
The hackers then sought to destroy data stored on the card processing network in order to conceal their hacking activity. The cashers were allowed to keep 30 to 50 percent of the stolen funds, but transmitted the bulk of those funds back to Turikov and his co-defendants. Upon discovering the unauthorized activity, RBS WorldPay immediately reported the breach, and has substantially assisted in the investigation.
Throughout the duration of the cash out, Turikov and another hacker monitored the fraudulent ATM withdrawals in real-time from within the computer systems of RBS WorldPay.
Evgeny Tarasovich Levitskyy, a/k/a Vinchenco, a/k/a Vinch, a/k/a M.U.R.D.E.R.E.R., 31, of Nikolaev, Ukraine, is alleged to have been responsible for cashing out nearly $500,000 associated with a single hacked debit card number. He was sentenced by U.S. District Court Judge Steven C. Jones to 46 months in prison and ordered to pay restitution of $499,518.51.
To date, the U.S. Attorneys Office for the Northern District of Georgia has charged 14 individuals involved in the hack and cash out, including Russian nationals Viktor Pleshchuk, Evgeniy Anikin, and Roman Seleznev; Estonian nationals Sergei Tsurikov, Igor Grudijev, Ronald Tsoi, Eveilyn Tsoi, and Mikhail Jevgenov; Moldovan national
Oleg Covelin; Ukrainian nationals Vladimir Valeyrich Tailar and Evgeny Levitskyy; Nigerian national Ezenwa Chukukere; American national Sonya Martin; and Vladislav Horohorin, who is citizen of Russia, Israel, and Ukraine.
This case was investigated by the Federal Bureau of Investigation and United States Secret Service.
Assistant U.S. Attorney Kamal Ghali prosecuted the case. Assistance was provided by the Justice Departments Office of International Affairs, the Republic of Slovenias Ministry of Interior Criminal Police Directorate ("MNZ"), the Czech Republics Policie Ceske Republiky ("PCR"), and the Criminal Divisions Computer Crime and Intellectual Property Section.
For further information please contact the U.S. Attorneys Public Affairs Office at USAGAN.PressEmails@usdoj.gov or (404) 581-6016. The Internet address for the U.S. Attorneys Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga
--DOJ Northern District of Georgia
Source: U.S. Secret Service