Thursday, March 16, 2017

Hacker Who Tried To Frame Security Researcher in 2013 – Sentenced To Prison

A 31-year-old hacker from Ukraine, was sentenced to 41 months in prison for serious crimes, including ordering heroin from a narcotics vendor on the Silk Road Marketplace to security researcher Brian Krebs’ home.

The cybercriminal is known by various names (both in the “real world” and on the dark net), including Sergey Vovnenko, Sergey Vovnencko, Tomas Rimkis, Flycracker, Flyck, Fly, Centurion, MUXACC1, Stranier and Darklife. In a joint operation between the US Secret Service and Italian police, law enforcement authorities arrested the suspect on June 13, 2014. Italian investigators detained the 31-year-old, however, when his extradition was pending, he contested the decision for more than 15 months.

According to official court documents, between September 2010 and August 2012, Vovnenko operated an international criminal organization specialized in cybercrime. Along with his conspirators, they stole usernames and passwords for bank accounts and other online services, as well as debit and credit card numbers, and related personal identifying information. Additionally, Vovnenko ran two criminal hacking forums on the dark web.

The 31-year-old admitted that he operated a botnet consisting of more than 13,000 computers. He used the infected devices to steal precious data from the victims. The hacker also confessed that he used the well-known Zeus banking trojan to acquire financial information, and record keystrokes of the users he infected. A significant part of the infected computers was located in New Jersey.

According to the indictment, Vovnenko, as the administrator of multiple cybercriminal forums, used his position to “traffic in data” he stole as part of the conspiracy. The hacking forums consisted of electronic bulletin boards for criminal activity, including the purchase, sale, and use of stolen login credentials and payment details. Cybercriminals could also discuss different techniques on the dark net sites, including infecting victims with malware.

According to Brian Krebs’ report, in May 2013, a package containing 1 gram of heroin was hand-delivered by the local postal carrier to the security researcher’s door. Vovnenko purchased the narcotics from the Silk Road Marketplace, and after the successful delivery, he spoofed a call from one of the neighbors alerting the police. However, the framing attempt was unsuccessful. At the time, Krebs was already monitoring the criminal forum and was able to see the scam in real time. The researcher alerted local police prior to the drug delivery.

The 31-year-old planned the plot, called “Krebs Fund”, which involved the creation of a BTC wallet for receiving “donations” from the forum members. The goal was to purchase heroin from a vendor on the Silk Road Marketplace and have it shipped to the researcher’s home address.

“Guys, it became known recently that Brian Krebs is a heroin addict and he desperately needs the smack, so we have started the ‘Helping Brian Fund,’ and shortly we will create a bitcoin wallet called ‘Drugs for Krebs’, which we will use to buy him the purest heroin on the Silk Road. My friends, his withdrawal is very bad, let’s join forces to help the guy! We will save Brian from the acute heroin withdrawal and the world will get slightly better!” Vovnenko made this post on the cybercriminal forum.

The 31-year-old was sentenced to 41 months in prison, with an additional three years of supervised release, and restitution in the amount of $83,368.