A Russian hacker in Los Angeles who had extensive business relationships on the dark web and claimed he had 40,000 stolen credit-card numbers was sentenced Monday to more than nine years in prison on wire fraud charges.
Alexander Tverdokhlebov, 29, pleaded guilty to the charges in March. He came to the United States in 2007 and obtained U.S. citizenship. He had actively participated in cybercrime since 2008, according to the Dept. of Justice, and claimed he had gained access to nearly half a million computers.
“Tverdokhlebov forged lucrative business partnerships with other Russian-speaking cybercriminals, with whom he exchanged tools, services, and stolen personal and financial information,” the DOJ said.
In October 2015 the North Bay Business Journal published a cover story on the dark web and its shady business operations. The Business Journal also holds an annual conference on cybercrime to help local business owners fight online fraud. The next cybercrime conference is scheduled for September 13.
“That’s where credit card numbers are sold,” said Michael Leonard, vice president, fraud examiner and anti-money-laundering manager for Exchange Bank, based in Santa Rosa. Leonard previously served as detective for the Sonoma County sheriff for a decade.
Nearly every day, Leonard scanned sites on the darknet. “We search through there as best we can to see if any of our cards are amongst those taken in a breach,” he said.
The Russian hacker sold various illegal services on darknet forums, including laundering of stolen money. He also operated several “botnets,” which are groups of compromised computers that can be used to steal credit card numbers and other financial information.
When federal agents arrested Tverdokhlebov, they seized $272,000 in hundred-dollar bills distributed among safe deposit boxes in Los Angeles and Las Vegas. He also had bitcoin valued at nearly $5 million.
Tverdokhlebov sold financial information to other cybercriminals or had accomplices use the data to make fraudulent purchases or withdrawals from victim accounts. The hacker recruited Russian students visiting the United States on J-1 visas to open bank accounts in their names, receive money from victim accounts, and then transfer the money to Tverdokhlebov or his co-conspirators, the DOJ said.
The plea agreement stipulated to losses between $9.5 and $25 million. As part of sentencing, the federal court ordered the defendant to serve three years of supervised release following his prison term. The conditions included monitoring of Tverdokhlebov’s computer use.
Enrique Alvarez, a supervisory special agent for the FBI’s 200-agent cyber-intrusion unit in Oakland, spoke at one of the Business Journal conferences on cybercrime. Before joining the FBI, Alvarez worked at several Internet companies in San Francisco and served as a Navy intelligence officer in Iraq. Cybercrime, particularly intrusions, has drawn greater FBI attention, especially since 2012, Alvarez said.
The FBI has 40,000 employees in 56 field offices. The San Francisco office, the fifth-largest in the country, has five “cyber squads.”
Social networking accounts provide cyber criminals with rich troves of information that can be used to invade and attack through business and personal routes. “We track a lot of crime data,” Alvarez said.
Cyber criminals, including those in Russia and Eastern Europe, are “using a lot of infrastructure to conduct nefarious activities targeting” the financial services sector of the economy, Alvarez said. “Those actors are hiding behind foreign infrastructure.”