Teen hackers part of 24 held in global swoop

Reuters

New York

US law enforcement officials said 24 suspected hackers had been arrested in a sting operation spanning four continents that targeted online financial fraud of stolen credit card and bank information.

In a two-year investigation, FBI agents posed as hackers on internet forums, watching as other hackers swopped methods for breaching data security walls and creating fake credit cards that would work for internet and in-person purchases.

The probe prevented some $205 million in possible losses on more than 411 000 compromised consumer credit and debit cards, according to US authorities in New York.

Eleven people were arrested in the US, the Federal Bureau of Investigation and the Manhattan US attorney’s office said. The 13 others were arrested in countries from Britain to Japan, the authorities said.

Officials in Australia also conducted searches.

“Clever computer criminals operating behind the supposed veil of the internet are still subject to the long arm of the law,” Manhattan US attorney Preet Bharara said.

During the operation, the FBI said, it also contacted “multiple” people and institutions hit by the hackers and showed them how to repair their security breaches and protect themselves.

No credit card companies or banks were named in the court documents.

The 24 people arrested were all men aged 18 to 25. Some face up to 40 years or more in prison if convicted on conspiracy to commit wire fraud charges.

The FBI operation centred around a “carding forum” that it had secretly created in June 2010, and was in charge of running unbeknown to its participants, authorities said.

The forum, called Carder Profit, was essentially an online market for registered users to exchange stolen account numbers. It was shut down last month.

Two people were arrested in the New York area and were later released on bail after appearing in Manhattan federal court.

One of the men, Mir Islam, known online as “JoshTheGod,” was charged with trafficking in 50 000 stolen credit card numbers.

Authorities said Islam had admitted to helping emerging hacker outfit UgNazi, which said it had launched a cyber attack against the microblogging platform Twitter last week.

Islam, 18, who lives in the New York borough of the Bronx, appeared before Judge James Francis in flip-flop sandals and jeans. His parents, who are from Pakistan, watched the proceeding from a back bench.

Islam was released on bail of $50 000 (R419 000).

Fellow Bronx resident Joshua Hicks, 19, also known as “OxideDox”, was charged with one count of access device fraud. Wearing red basketball shorts, Hicks was released on bail after a brief hearing before the same judge.

Meanwhile on Tuesday, the US Federal Trade Commission filed a complaint against Wyndham Worldwide and three subsidiaries, alleging that the hotel operator had not kept customer data secure.

That failure resulted in the theft of hundreds of thousands of consumers’ payment card numbers, which were sent to an internet address registered in Russia and $10.6m in fraudulent charges, according to the complaint.