U.S. Govt. Appears To Have Nabbed Kurupt.su Carding Kingpin 44
tsu doh nimh writes "The Justice Department on Monday announced the arrest of a Dutch man wanted for coordinating the theft of roughly 44,000 credit card numbers. The government hasn't released many details about the accused, except for his name and hacker handle, 'Fortezza.' But data from a variety of sources indicates that Fortezza was a lead administrator of Kurupt.su, a large, recently-shuttered forum dedicated to carding and Internet fraud. Krebsonsecurity.com provides some background on Fortezza, who 'claimed to be "quitting the scene," but spoke often about finishing a project with which he seemed obsessed: to hack and plunder all of the other carding forums.'"
King Cotton? (Score:1)
U.S. Govt. Appears To Have Nabbed Kurupt.su Carding Kingpin
I thought he had something to do with sorting cotton fibres before spinning [wikipedia.org].
Re: (Score:2)
I misread it as Cardigan Kingpin, like he was selling bootleg Edinburgh Woollen Mill gear.
Spokeo (Score:1, Informative)
Just looked him up on Spokeo. Already updated to show him in jail. wow!
Good riddance (Score:5, Informative)
RTFA, Krebs almost seems sympathetic for the guy.
I don't care much for the whole extradition-to-the-US thing, but this is not your average whitehat/greyhat hacker, highlighting security issues by breaking systems, or for the lulz.
This is card skimming pond scum, doing it for profit. Good riddance, I say.
Re: (Score:3)
RTFA, Krebs almost seems sympathetic for the guy.
I don't care much for the whole extradition-to-the-US thing, but this is not your average whitehat/greyhat hacker, highlighting security issues by breaking systems, or for the lulz.
This is card skimming pond scum, doing it for profit. Good riddance, I say.
Exactly. I don't get the sympathy for this thief, he stole from thousands and deserves to be locked up for a while.
Re: (Score:2)
Resources should be used to find, catch and lock up these people instead of those who just smoke a joint.
Re:the banks win, again (Score:5, Interesting)
this hero of the people taking from the evil banks and redistributing back to the little people will never lose
It was credit card fraud. The only people that lose are the shops who take credit cards and maybe a few rich people who don't check their statements.
If the banks were losing out from this though would change the credit card system.
Re:the banks win, again (Score:4, Insightful)
"If the banks were losing out from this though would change the credit card system."
They're definitely losing big money but they're doing so much business that the losses don't have a material impact on their profits. Millions or maybe tens of millions vs. tens or hundreds of billions. Not enough to justify the expense of updating all the point-of-sale systems(they already have the technology to do this) and certainly not enough to make them want to change their policies of giving easy credit to anyone with a pulse.
Re: (Score:2, Informative)
It was credit card fraud. The only people that lose are the shops who take credit cards and maybe a few rich people who don't check their statements.
If the banks were losing out from this though would change the credit card system.
I had my card stolen (or at least, it was caught) while I was away on a business trip in a foreign country. I sort of got it resolved, but after a marathon phone session (which I got to pay for!), and countless other little inconveniences. That inconvenience and wasted time has to count for something.
If there was a more secure, but more annoying to use, credit card option, I'd jump to it in a heart beat. But since credit cards are effectively a monopoly, I have a choice of images to put on the card, and
Re: (Score:1)
If the banks were losing out from this though would change the credit card system.
I disagree if bank lose more money to credit card fraud they will insure themselves for more loss.
So Then they have many options ask you to pay more for your card, "offer" you a deal special anti fraud card for money, take more money from your bank account...
As long as it's sustainable to make customers pay they will chose that option first.
Re:the banks win, again (Score:4, Informative)
Re: (Score:2)
this hero of the people taking from the evil banks and redistributing back to the little people will never lose
That sounds like PR. More likely, he invested in portraits of Elvis and Mexican jail doors.
Lulz (Score:3)
Anyone checking my post history will see I'm pretty critical of the US, but good work on this one Team America!
Lets see how Dutchie-Boy likes the US prison system.
Re: (Score:3)
21 and facing decades in a US jail where the other criminals are mean?
why can't he just say i'm sorry, i learned my lesson and be done with it?
Re: (Score:2)
21 and facing decades in a US jail where the other criminals are mean?
why can't he just say i'm sorry, i learned my lesson and be done with it?
oh yeah, and why not give him a trophy for participating at the same time?
Re: (Score:2)
21 and facing decades in a US jail where the other criminals are mean?
I feel like there's a saying for this sort of thing. Something about crime and punishment.
Re: (Score:1)
Lets see - 44,000 thefts, times probably 4-6 hours each to resolve for each victim.... let's be nice and call it 4 hours per theft - about 20 years. Yes, decades before being able to be paroled seems about right, although I'd go with treble damages due to the scale of the criminal activity, so 60 years before being eligible for parole seems quite reasonable and even kind.
"Don't do the crime if you can't do the time"
Scale and scope of the crime should not work in your favor by minimizing punishment.
Kingpin? (Score:2)
What would that go for these days, about $440?
Re: (Score:3)
What would that go for these days, about $440?
Who cares if the data went for a cent. It affected the lives of 44,000 people.
Only banks and governments are allowed to perform wide scale theft, this guy was nether so it's jail time for him.
Good. No more illegal cards. (Score:1)
I'll bet Hallmark is just as thrilled.
Credit card fraud treated as Identity Theft in US (Score:3, Interesting)
One huge problem is the FBI decided that credit card fraud - any type - is "Identity Theft" and that is how their reporting structure works. This hugely inflates the amount of "Identity Theft" that is reported giving a big leg up to the probably bigger scam artists at Lifelock. No matter how much credit card fraud costs merchants, the number is dwarfed by the amount of money going to Lifelock and other "identity protection" thieves.
Now, who really is affected by credit card fraud? Certainly not the banks - fraudulent charges are simply charged back to the merchant. Does it hurt the card holder? Well, not really. If you get a charge on your bill that you didn't make you do not have to pay it. Most of the time the credit card company is already aware of the fraudulent use and has taken such charges off the bill. Now, the card company almost certainly will want to change the card number and set you a new card and that can be somewhat inconvenient, but that is about it. Well, what about the merchant? If you are in the business of taking credit cards for almost any retail business you have insurance that covers this sort of thing. The merchant is paying for this insurance, so they might as well use it. I guess we are all paying a little bit for this because the merchants might save a few pennies on their general business insurance if they didn't need this coverage. So figure that when you go to a store you are paying $0.000001 more to cover the credit card fraud insurance.
So who loses? The insurance company? Not really. The merchant that is silly enough not to have insurance? Probably. Certainly nobody else is losing anything in this which is why it is not prosecuted in the US - nobody actually using a fraudulent card ever gets even arrested. They do take the card away if you are using a fake card, which obviously doesn't apply when credit card fraud is done through the Internet.
So really this is almost a vicimless crime that affects nobody. So your credit card number is used fraudulently... big deal... get a new card and move on.
Did you know that a fresh credit card number is worth about $0.50 on the open market today? This means that every time you use a card with a human involved it is a good chance they are collecting card numbers. A guy working in a restaurant can make an extra $50 a week easily just collecting numbers and such from cards handed over by customers. There is little risk with this as at worst he might get fired if caught. The police will not even arrest someone for this sort of activity.
Yes, I get a credit card used fraudulently at least once a year. I get a call about some silly charge that someone tried to make and they take it off the bill. End of story. The guy this posting is about is evidently higher up the food chain enough that someone thinks he is worth prosecuting, but I doubt it goes anywhere. There just isn't anyone losing out enough to justify spending anyone's time and money prosecuting folks like this. So it will continue and get more and more prevalent.
Re:Credit card fraud treated as Identity Theft in (Score:4, Informative)
Your numbers are also off - good credit card numbers can go for $30 - $45 depending on the type of card and where it's from:
http://www.npr.org/blogs/money/2011/06/16/137181702/the-tuesday-podcast-inside-the-credit-card-black-market [npr.org]
and the idea that a guy working in a restaurant would do this... Well, if he was very stupid then maybe. But he'd get caught in no time once this restaurant was identified as a common point of use between all these stolen cards.
Re: (Score:3)
Unfortunately you are wrong on at least one point: the guy in the restaurant is unlikely to ever be fingered for skimming. If the restaurant were identified (which it won't be) it won't be likely he works there anymore (check out the employee turn over in food services some time). But lets get to the notion that someone is working to find correlation to determine the point of loss: lots of luck, there are simply too many ways for a card to be compromised. For example:
1. restaurants
2. card readers
3. malware
Re: (Score:2)
I'd imagine that yo
Re: (Score:2)
"Did you know that a fresh credit card number is worth about $0.50 on the open market today?"
I didn't know that, and I doubt it. That might be the cut that the carder gives to the bus-boy, but it's my impression that the mag stripe data is worth a lot more than that on the open market.
Is running the forum now a crime? (Score:2)
Can you now be charged for simply setting up and administering a carding forum? I RTFA but only skimmed the indictment. Not saying that this is all the guy was doing. Just curious. I think they've taken down most of these guys because they are not only administering the site, they're also active participants in the commerce.
"he actively hacked into and absconded with stolen card data taken from other fraud forums."
IANAL, but how can they prosecute you for stealing stolen stuff? Wouldn't this be like be
Re: (Score:2)
IANAL, but how can they prosecute you for stealing stolen stuff?
Really? IANAL either, but theft is theft. It doesn't matter how many layers you put between yourself and the owner...
Heck you can go to jail for BUYING stolen goods if you should have known they were stolen.
SU domain (Score:3)