At least 24 people have been arrested in seven countries, including the US and Germany, for running one of the largest cyber crimes in which they used the Internet to exploit stolen credit card and other personal information of hundreds of thousands of victims globally.
India-born US Attorney for the Southern District of New York Preet Bharara said while 11 individuals were arrested in the US, another 13 were arrested in the UK, Bosnia, Bulgaria, Norway and Germany in the largest coordinated international law enforcement action in history directed at the 'carding' crimes -- offences.
'Carding' refers to various criminal activities associated with stealing personal identification information and financial information belonging to other individuals -- including the account information associated with credit cards, bank cards, debit cards and then using that information to obtain money, goods, or services without the victims' authorisation or consent.
Those arrested in the US are Christian Cangeopol, Mark Caparelli, Sean Harper, Alex Hatala, Joshua Hicks, Michael Hogue, Mir Islam, Peter Ketchum and Steven Hansen.
"As the cyber threat grows more international, the response must be increasingly global and forceful," Bharara said.
"The coordinated law enforcement actions taken by an unprecedented number of countries around the world today demonstrate that hackers and fraudsters cannot count on being able to prowl the Internet in anonymity and with impunity, even across national boundaries.
"Clever computer criminals operating behind the supposed veil of the Internet are still subject to the long arm of the law," Bharara said.
According to the charging documents, individuals sold credit cards by the thousands and took the private information of several people.
The defendants casually offered every stripe of malware and virus to fellow fraudsters, even including software-enabling cyber voyeurs to hijack an unsuspecting consumer's personal computer camera.
'Carding forums' are websites used by criminals engaged in carding to facilitate their criminal activity.
Carders use carding forums to exchange information concerning hacking methods or computer-security vulnerabilities that could be used to obtain personal identification information.
In June 2010, the Federal Bureau of Investigation established an undercover carding forum called 'Carder Profit' enabling users to discuss various topics related to carding and to communicate offers to buy, sell, and exchange goods and services related to carding.
The FBI used this site in an effort to identify these cybercriminals, investigate their crimes, and prevent harm to innocent victims.
In the course of the undercover operation, the FBI contacted multiple affected institutions and individuals to let them know of discovered breaches in order to enable them to take appropriate responsive and protective measures.
The FBI prevented estimated potential economic losses of more than $205 million, notified credit card providers of over 411,000 compromised credit and debit cards, and notified 47 companies, government entities, and educational institutions of the breach of their networks.
Some of the defendants offered malware for sale, used hacking tools to steal information from the internal databases of a bank, hotel, trafficked in stolen credit card information and possessed information for more than 50,000 credit cards.
Caparelli engaged in a so-called 'Apple call-in' scheme in which he used stolen credit cards and social engineering skills to fraudulently obtain replacement products from Apple, which he then resold for profit.