Russian computer hackers operating in Colorado and 15 other states used data-mining viruses to steal thousands of credit card numbers from U.S. residents in 20 states and sold them on the darknet for more than $3.6 million, according to federal court documents.
As part of the wide-scale criminal operation, so-called “carders” from Russia advertised and sold the numbers to Ukrainian operatives using the Rescator network of websites — named for a Ukranian hacker who specializes in the sale of stolen credit cards.
Russian thieves instructed clandestine organizations to pay for batches of stolen credit card numbers using Western Union and MoneyGram International, according to documents filed by federal prosecutors in Denver U.S. District Court.
The documents did not indicate whether anyone has been arrested in connection to the scheme. Agents from the Department of Homeland Security based in Colorado uncovered the operation. The U.S. Attorney’s Office in Colorado filed forfeiture claims Friday against two Colorado bank accounts, the documents reveal.
Criminals use software to access hidden websites and blogs on the darknet so they can operate anonymously. As part of their investigation, Homeland Security agents made undercover purchases of batches of stolen credit cards.
A web of conspirators in Colorado and 15 other states funneled money back to accounts set up in the Russian Federation.
MoneyGram officials contacted Homeland Security agents in November of 2014 and notified them of 137 wire transfers totaling $170,000. The agents determined in March of 2016 that conspirators wired money to payees in the Ukraine, the documents indicate. In 2015 and 2016, conspirators allegedly sent 3,997 wires totaling $3,598,160, records indicate.