Eleven Cyber criminals Arrested
I'm always pleased to see international cooperation in cybercrime investigations! This afternoon we received the news from the UK's SOCA, (the Serious Organised Crime Agency) that there were eleven arrests globally in a case involving cooperation from the Vietnamese High-Tech Crime Unit (HTCU), the Criminal Investigative Division of the the Ministry of Public Security of Vietnam (MPSVN CID), SOCA, the Metropolitan Police Central e-Crime Unit (PCeU), and the FBI. Eight criminals were arrested in Vietnam and three additional arrests were made in the UK.All of these criminals were associated with the "mattfeuter" family of websites (mattfeuter.ru, mattfeuter.cc, mattfeuter.su, mattfeuter.com, etc.) where approximately 16,000 members bought and sold stolen credit card data in bulk. It is believed that purchases from the website had facilitated more than $200M worth of credit card fraud worldwide through the sale of more than 1.1 million credit cards.
SOCA and the PCeU are joining forces to create the new National Crime Agency later this year, but are already performing joint operations such as this investigation in anticipation of the UK's new National Cyber Crime Unit. Andy Archibald, who is the interim Deputy Director of the National Cyber Crime Unit, where the "Dedicated Cheque and Plastic Crime Unit" is housed, had this to say:
“One of the world’s major facilitation networks for online card fraud has been dismantled by this operation, and those engaged in this type of crime should know that that they are neither anonymous, nor beyond the reach of law enforcement agencies. We and our partners, in the UK and abroad, continue to protect the public and legitimate businesses by targeting websites trading in stolen card data, and relentlessly pursuing those who operate and frequent them."
Operations of this nature would not be possible without the support of private sector partners, in this case primarily Visa and MasterCard.
In keeping with UK law, the names of the three arrested there are not given, only their names and locations:
- 37 year old man from West Ham
- 34 year old man from Thornton Heath
- 44 year old man from Manor Park
Vietnamese media has identified those arrested in Vietnam, and have named as their ringleader Van Tien Tu. The full list of those arrested include:
- Ngo Thi Quynh Anh
- Tran Thi Dieu Hien
- Van Tien Tu
- Truong Hai Duy
- Le Van Kieu, those five all from Ho Chi Min City
- Trinh Khac Duong
- Dao Ba Bang
- Doan Van Chuc, those three from Hanoi
The Hanoi three are charged with using the credit card data for online gambling.
The ringleader, Van Tien Tu, is charged with having created the Mattfeuter websites, where credit cards are sold for between $2 and $20 per card. As the operator of the site, Van Tien Tu and his group earned approximately $1.5 million in commissions on their sales.
Although we haven't yet heard of many cases with Vietnamese cyber crime yet, the improvements in Vietnamese law passed in 2009 made it a criminal offense to fraudulently obtain card dat from overseas targets, as well as from victims in Vietnam.
The New Jersey case focuses on Duy Hai Truong, pictured below:
In a statement from the New Jersey US Attorney's Office, Paul Fishman announced that Truong was charged with "conspiracy to commit bank fraud. From 2007 until his recent arrest, Truong allegedly defrauded financial institutions as part of the massive scheme, in which personal identifying information relating to more than 1.1 million credit cards was stolen and resold to criminal customers worldwide." The New Jersey statement alludes to "arrests made over the past week in the United Kingdom, Vietnam, Italy, Germany, and elsewhere" so I am sure there will be additional news in the near future as the details of the case unfold.
The Official Complaint against Duy Hai Truong reveals that fees on the mattfeuter.biz and mattfeuter.com websites varied from $1 to $300 per "dump" (a dump referring to a magnetic card stripe read from a Credit or Debit Card), and that the fees were usually paid through Western Union or Liberty Reserve.
Truong is being held in Vietnam pending the settlement of charges in the UK, but if convicted in the US, Truong could face up to 30 years in prison and a fine of either $1 million or twice the gain from the offense, or twice the losses caused by the offense, whichever is greater.
New Jersey has also released the Sworn Complaint by FBI Special Agent Russell Ficara, who testifies that he reviewed over 1100 bank accounts and many searches of email accounts, residences, offices, and drop addresses related to this case. His testimony includes many of the email accounts used, including mattfeuter123@gmail.com, augustino267@gmail.com, ho.robbie@gmail.com, and included more than 150,000 email messages with more than 1.1 million credit card numbers being traded, including cards and personally identifiable information (PII) related to many victims residing in New Jersey.
As with so many criminals, Truong also had a Facebook account that referred to his real name, made references to the conspiracy, and contained photos of messages to and from Dump Purchasers and making reference to stolen credit cards!
A single Western Union location "in or around Ho Chi Minh City, Vietnam" was documented to have received more than $1.9 million in payments just related to MTCNs (Money Transfer Control Numbers) documented in the emails from the three referenced accounts, all controlled by Truong.
