Second Guilty Plea in Largest Cybercrime Bust in US History

News

A 30-year-old Moldovan national pleaded guilty in a U.S. court to participation in a transnational cybercrime organization that caused more than half a billion dollars in losses, the US Department of Justice said on Friday.

August 4, 2020

The organization victimized millions worldwide in one of the “largest cyber fraud enterprises ever prosecuted by the Department of Justice,” the statement said.

Valerian Chiochiu, a programmer who went under various aliases including “Onassis,” “Flagler,” “Socrate,” and “Ecclesiastes,” was charged with conspiracy under the Racketeer Influenced and Corrupt Organizations Act (RICO) as a member of the international cybercrime group known as Infraud. 

The group “was an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband,” said the DOJ statement. 

In practice Infraud was an Internet forum set up to help hackers steal and sell stolen data. The name is a play on the groups’ motto, “In Fraud We Trust,” and they operated from late 2010 until early 2018. 

Chiochiu’s plea came more than a month after the co-founder and administrator of the group, Russian national Sergey Medvedev, separately pleaded guilty. Chiochiu will be sentenced in December. 

Infraud was created in 2010 with the intention to turn it into the premier destination for carding — purchasing retail items with counterfeit or stolen credit card information—on the Internet, said the DOJ statement.  

Before the site was shut down it had nearly 11,000 members. 

The group, which was made up of individuals from around the world, operated through an online forum. Though it’s members filled roles such as ‘moderators’, common in online groups, In many ways their structure parroted more traditional organized crime groups. 

“Infraud members held defined roles within the organization’s hierarchy. ‘Administrators’ managed day-to-day operation of and strategic planning for the organization, approved and monitored membership, and meted out punishments and rewards to members,” said a 2018 DOJ statement from when the group was first brought to light. 

‘Super Moderators’ oversaw and administered specific subject-matter areas within their expertise, while ‘Moderators’ moderated one or two specific sub-forums within their areas of subject-matter expertise.

Despite titles like administrator or moderator, the Department of Justice’s chart of the group’s hierarchy looks no different than those made with names like boss, underboss and caporegime to illuminate the structure of La Cosa Nostra families or those of other organized crime groups in the U.S. 

Chiochiu’s role was writing and supporting a “point of sale” malware program, known as FastPoS, designed to steal credit cards and other personal information from retail websites and other outlets. 

According to the DOJ, with the help of Chiochiu’s program among other illicit enterprises, the group inflicted some US$568 million in actual losses out of 2.2 billion in intended losses to individuals, merchants, and financial institutions.

Authorities indicted more than 30 members of the group but only about half had been apprehended at the time of their indictment. Many remain fugitives including Infraud founder Svyatoslav Bondarenko.