The real-life case of Alexey Ivanov and Vasiliy Gorshkov was discussed at the Black Hat Security Conference in Las Vegas in July 2004. It involves two crackers who were smart enough to crack into computer systems but naïve concerning the social engineering talents of FBI agents. Following is a summary of events in the case.
On October 10, 2001, in Washington, a jury returned a guilty verdict against Vasiliy Gorshkov, age 26, of Russia, on 20 counts of conspiracy, numerous computer crimes, and fraud. The targets included Speakeasy Network (Seattle, Washington), the Nara Bank (Los Angeles, California), the Central National Bank of Waco (Waco, Texas), and the online credit card payment company PayPal (Palo Alto, California), among others. For these crimes, Gorshkov faced a maximum prison term of five years on each count, resulting in a possible sentence of 100 years in prison and a fine of $250,000 on each count. The jury sentenced him to a three-year prison term.
Gorshkov was one of two Russians persuaded to go to the United States through an FBI sting operation. The sting came from an investigation of Russian computer intrusions directed at these targets. Apparently the pair used the targeted computers to steal clients’ personal financial information. They then attempted to extort money from the targeted firms with threats to either show the sensitive data to the public or to damage the firms’ computers. The pair also defrauded PayPal with stolen credit card numbers used to get money to pay for computer parts ordered from U.S. vendors.
The FBI’s sting operation was designed to lure the Russian criminals onto U.S. soil so that they could be caught and charged. As part of the sting, the FBI created a computer security company named Invita. Then, pretending to be Invita personnel, FBI agents communicated with the Russian pair by phone and email during the second half of 2000. The pair eventually agreed to a personal meeting in Seattle, where Invita was supposedly based.
Before the FBI agents would bring the pair to the U.S., however, the team had to pass a special test. They had to crack a test network—an exploit they successfully completed.
Gorshkov and Ivanov landed in Seattle, Washington, on November 10, 2000, to attend the prearranged meeting at Invita. The Russian men did not know that the Invita meeting participants were actually FBI agents. The Russians also were not aware that the meeting was recorded on tape. During the meeting, Gorshkov and Ivanov bragged about their cracking prowess and took responsibility for their cracking exploits. Gorshkov shrugged off any concerns about the FBI’s catching them, maintaining that the FBI could not get the pair while they were in Russia. When asked how they got the U.S. credit cards, Gorshkov said that he was not prepared to discuss that issue while they were in the United States. He then suggested that such questions would better be addressed in Russia. At the end of the Invita meeting, the two Russians were arrested and Ivanov was sent to Connecticut to face charges for a cracking incident regarding the Online Information Bureau of Vernon (in Connecticut).
Several days after the arrests, the FBI agents got access through the Internet to the men’s computers in Russia. The FBI copied considerable data from their accounts and obtained a search warrant from a U.S. judge. The data provided a wealth of cracking evidence. The pair had huge databases of stolen credit card information: More than 56,000 credit cards’ worth of information was on their computers, as was the personal financial information of online banking clients.
The data also showed that the crackers gained unauthorized control over numerous computers, including those of a school district in Michigan. The crackers then used those computers to commit fraud against PayPal and other online firms.
U.S. Department of Justice. Russian Computer Hacker Convicted by Jury. [Online, October 10, 2001.] U.S. Department of Justice Website: http://www.usdoj.gov/criminal/cybercrime/gorshkovconvict.htm.