On the Internet, he was known as BadB, a disembodied criminal flitting from one server to another selling stolen credit card numbers despite being pursued by the US Secret Service.
In real life, he was nearly as untouchable — because he lived in Russia.
BadB’s real name is Vladislav Horohorin, a statement released last week by the US Justice Department said, and he was a resident of Moscow before his arrest by the police in France during a trip to that country earlier this month.
He is expected to appear soon before a French court that will decide on his potential extradition to the US, where Horohorin could face up to 12 years in prison and a fine of US$500,000 if he is convicted on charges of fraud and identity theft. For at least nine months, however, he lived openly in Moscow as one of the world’s most wanted computer criminals.
The capture of BadB provides a peek into the shadowy world of Russian hackers, the often well-educated and sometimes darkly ingenious programmers who pose a recognized security threat to online commerce — besides being global spam nuisances — and who often seem to operate with relative impunity.
Law enforcement groups in Russia have been reluctant to pursue these talented authors of Internet fraud, for reasons, security experts say, of incompetence, corruption or national pride.
In this environment, BadB’s network arose as “one of the most sophisticated organizations of online financial criminals in the world,” said a statement issued by Michael Merritt, the assistant director of investigations for the Secret Service, which pursues counterfeiting and some electronic financial fraud.
As long ago as in November last year, the US attorney’s office in Washington, in a sealed indictment, identified BadB as Horohorin, a 27-year-old residing in Moscow with dual Ukrainian and Israeli citizenship.
However, it was not until Aug. 7 this year that Horohorin, who was traveling from Russia to France, was detained on a warrant from the US as he boarded a plane to return to Russia at an airport in Nice, in southern France.
The Secret Service released a statement on Aug. 11, when the indictment was unsealed. Max Milien, a Secret Service spokesman in Washington, said the agency could not comment about the decision to arrest Horohorin in France.
Olga Shklyarova, spokeswoman for the Russian bureau of Interpol, said no US law enforcement agency had requested Horohorin’s arrest in her country.
“We never received such a request,” she said by telephone.
The Secret Service statement said that Horohorin managed Web sites for hackers who were able to steal large numbers of credit card numbers that were sold online anonymously around the globe. Those buyers would do the more dangerous work of running up fraudulent bills.
The numbers were exchanged on Web sites called CarderPlanet — carder.su and badb.biz — the Secret Service said, and payment was made indirectly through accounts at a Russian online settlement system known as Webmoney, an analogue to PayPal.
Underscoring the nationalistic tone of much of Russian computer crime, one site featured a cartoon of Russian Prime Minister Vladimir Putin awarding medals to Russian hackers.
“We awaiting you to fight the imperialism of the U.S.A.” the site said, in approximate English.
Horohorin lived openly in Moscow. As a foreign citizen, he registered with the police, said Dmitri Zakharov, a spokesman for the Russian Association of Electronic Communication, an industry lobby for legitimate Russian Internet businesses, who cited a database of such registries.
A phone number for Horohorin was out of service on Thursday.
Arrests in Russia for computer crimes are rare, even when hackers living in Russia have been publicly identified by outside groups, like Spamhaus, a nonprofit group in Geneva and in London that tracks sources of spam.
The FBI in 2002 resorted to luring a Russian suspect, Vasily Gorshkov, to the US with a fake offer of a job interview (with a fictitious Internet company called Invita), rather than ask the Russian police for help. To obtain evidence in the case, FBI computer experts had hacked into Gorshkov’s computer in Russia. When this was revealed, Russian authorities expressed anger that the FBI had resorted to a cross-border tactic.
Online fraud is not a high priority for the Russian police, Zakharov said, because most of it is aimed at computer users in Europe or the US.
“This is a main reason why spammers are not arrested,” he said.
Politics may also play a role. Vladimir Sokolov, deputy director of the Institute of Information Security, a Russian research organization, said the US and Russia were still at odds on basic issues of computer security, although the differences were narrowing.
The US tends to view computer security as a law enforcement matter. Russia has pushed for an international treaty that would regulate the use of online weapons by military or espionage agencies. Last year the US opened talks on a treaty, but it has continued to press for closer law enforcement cooperation, Sokolov said.
Computer security researchers have raised a more sinister prospect: that criminal spamming gangs have been co-opted by the intelligence agencies in Russia, which provide cover for their activities in exchange for the criminals’ expertise or for allowing their networks of virus-infected computers to be used for political purposes — to crash dissident Web sites, perhaps.
Sometimes, the collateral damage for online business is immediate. A year ago, for example, hackers used a network of infected computers to direct huge amounts of junk traffic at the social networking accounts of a 34-year-old political blogger in Georgia, a country that fought a war with Russia in 2008. The attack, though, spun out of control and briefly crashed the global service of Twitter and slowed Facebook and LiveJournal, affecting tens of millions of computer users worldwide.
The Russian authorities have repeatedly denied that the state has any connection to such attacks.
Spamhaus says seven of the top 10 spammers in the world are based in the former Soviet Union, in Ukraine, Russia and Estonia.
More ominously, Western law enforcement agencies have traced a code intended for breaking into banking sites to Russian programming.
In 2007, Swedish experts identified a Russian hacker known only by his colorful sobriquet — the Corpse — as the author of a virus that logged keystrokes on personal computers to capture passwords for Nordea, a Swedish bank, and the accounts were drained of about US$1 million.
For a time, these rogue programs were openly for sale on a Russian Web site. The home page displayed an illustration of Lenin making a rude gesture.
Since Horohorin’s arrest, the badb.biz Web site has gone dark. However, on Monday, at least, its CarderPlanet counterpart, the Russian site carder.su, was still open for business.
The gutting of Voice of America (VOA) and Radio Free Asia (RFA) by US President Donald Trump’s administration poses a serious threat to the global voice of freedom, particularly for those living under authoritarian regimes such as China. The US — hailed as the model of liberal democracy — has the moral responsibility to uphold the values it champions. In undermining these institutions, the US risks diminishing its “soft power,” a pivotal pillar of its global influence. VOA Tibetan and RFA Tibetan played an enormous role in promoting the strong image of the US in and outside Tibet. On VOA Tibetan,
Sung Chien-liang (宋建樑), the leader of the Chinese Nationalist Party’s (KMT) efforts to recall Democratic Progressive Party (DPP) Legislator Lee Kun-cheng (李坤城), caused a national outrage and drew diplomatic condemnation on Tuesday after he arrived at the New Taipei City District Prosecutors’ Office dressed in a Nazi uniform. Sung performed a Nazi salute and carried a copy of Adolf Hitler’s Mein Kampf as he arrived to be questioned over allegations of signature forgery in the recall petition. The KMT’s response to the incident has shown a striking lack of contrition and decency. Rather than apologizing and distancing itself from Sung’s actions,
US President Trump weighed into the state of America’s semiconductor manufacturing when he declared, “They [Taiwan] stole it from us. They took it from us, and I don’t blame them. I give them credit.” At a prior White House event President Trump hosted TSMC chairman C.C. Wei (魏哲家), head of the world’s largest and most advanced chip manufacturer, to announce a commitment to invest US$100 billion in America. The president then shifted his previously critical rhetoric on Taiwan and put off tariffs on its chips. Now we learn that the Trump Administration is conducting a “trade investigation” on semiconductors which
By now, most of Taiwan has heard Taipei Mayor Chiang Wan-an’s (蔣萬安) threats to initiate a vote of no confidence against the Cabinet. His rationale is that the Democratic Progressive Party (DPP)-led government’s investigation into alleged signature forgery in the Chinese Nationalist Party’s (KMT) recall campaign constitutes “political persecution.” I sincerely hope he goes through with it. The opposition currently holds a majority in the Legislative Yuan, so the initiation of a no-confidence motion and its passage should be entirely within reach. If Chiang truly believes that the government is overreaching, abusing its power and targeting political opponents — then