Russian hackers operating in Colorado and 15 other states have used data mining viruses to steal thousands of credit card numbers from US residents in 20 states and have sold them on the darknet for over 3 , $ 6 million, according to federal court documents.
As part of the large-scale criminal operation, so-called “carders” from Russia advertised and sold the numbers to Ukrainian agents using the Rescator network of websites – named after a Ukrainian hacker specializing in the sale of stolen credit cards.
Russian thieves have asked underground organizations to pay for batches of stolen credit card numbers using Western Union and MoneyGram International, according to documents filed by federal prosecutors in the U.S. District Court in Denver.
The documents did not indicate whether anyone had been arrested in connection with this scheme.
Colorado-based Department of Homeland Security agents discovered the operation. The Colorado attorney’s office on Friday filed forfeiture claims against two Colorado bank accounts, the documents show.
Criminals use software to access hidden websites and blogs on the darknet so that they can operate anonymously. As part of their investigation, Homeland Security officers made secret purchases of bundles of stolen credit cards.
A network of conspirators in Colorado and 15 other states redirected money to accounts opened in the Russian Federation.
MoneyGram officials contacted Homeland Security officers in November 2014 and informed them of 137 wire transfers totaling $ 170,000.
Agents determined in March 2016 that conspirators wired money to beneficiaries in Ukraine, the documents say. In 2015 and 2016, conspirators reportedly sent 3,997 telegrams totaling $ 3,598,160, according to records.
For example, on August 18, 2016, $ 900 was sent via MoneyGram to Stanislav Marynyuk in Ukraine. On September 7, 2016, $ 1,555 was sent to Lilya Romanovskaya in Ukraine, according to records.