The opsec blunders that landed a Russian politician's fraudster son in the clink for 27 years Uncle Sam's lawyers have revealed the catalog of operational security mistakes that led to the cuffing of one of the world’s most prolific credit-card crooks. Last year, Roman V Seleznev, 32, was found guilty of multiple counts of fraud and hacking by a jury in Washington, USA. He was later thrown in the cooler for 27 years. …
Most criminals at best only partially plan their crimes. The local flatfeet generally know who is doing what and spend a good bit of time trying to get angle on the perps to get a conviction. So besides stupidity the perps are vulnerable to someone blabbing (many perps cannot keep their mouths shut) or the fact that living creates a trial that might trip them up.
Someone I knew was frequently going on about a unsolved crime & stated frequently that whoever did it should keep a very low profile from that day forth (or if you were going to commit any crime do it once, make it big & do it once only) as his "Golden Rule".
Unfortunately for him he met the victims husband & talked of his association (breaking his previously stated Golden Rule) as sales rep to the victims husband's former business & how he was questioned by police at the time.
Five weeks (& some eight years later from the first offense) later he was involved with a criminal offense, involving the son of his ex-employer that he used to work for as a sales rep.
The victims husband (Who was previously quoted as saying, that he always felt that he could one day be drinking with his wife's killer & would never know it) saw his picture & basic details of the new crime on the front page of the local paper, putting Two + Two contacted the police, who also came up with the answer of Four.
Yes hes still inside apart from one brief holiday after escaping from Parkhurst in the 90's (Google that if disinclined to believe).
A friend who's a police detective reckons that criminals are invariably stupid, lazy or both. Which stands to reason I guess, since if they were smart and conscientious types they'd be making decent money for a lot less risk in a proper job. Though I did wonder "is that really all criminals, or just the ones you catch..."
I'm still working on my first USD 17m. When I arrive, I will need USD 25m for the same purchasing power.
But the following month (i.e. April 2011) the Feds – and Seleznev – suffered a serious setback. The Russian was seriously injured in a terrorist attack while holidaying in Morocco, and spent several months in a coma.
Weird coincidence, that. Who is controlling Moroccoan terrorists?
Attacks could be indiscriminate and could target foreigners. In April 2011, 17 people were killed and 25 injured in a large explosion caused by a bomb in Marrakech at the Argana Restaurant in Djema el-Fna Square.
imprisoned on Guam?
Is that because the extradition to the USA could be deemed illegal, so he's been put in a USA territory outside the regular legal system?
A sort of overt rendition.
The guys a **** and deserves the sentence, but the yanks need to find a more legit way to do it.
Makes you wonder how many others are held on Guam - is it another Gitmo?
@x 7: "Is that because the extradition to the USA could be deemed illegal, so he's been put in a USA territory outside the regular legal system?"
Take off your tinfoil hat - Guam is a US territory, and isn't "outside the regular legal system". It would have been the closest US soil to the Maldives, so it makes sense that he would have been held on remand there while charges were prepared.
An extradition treaty isn't necessary; two countries can still agree to hand over a person without one.
Fuck him, I hope he enjoys his 27 years in federal prison. These weren't victimless crimes - he ruined the lives of a lot of small business owners.
https://assets.documentcloud.org/documents/3673513/Seleznev-US-Atty-Sentencing-Memo.pdf
imprisoned on Guam?
Is that because the extradition to the USA could be deemed illegal, so he's been put in a USA territory outside the regular legal system?
Guam is American territory. It has been American territory since the Spanish-American War of 1898. (The Spanish governor of Guam discovered that Spain was at war with the US when he woke up one morning to see lots of American ships in the harbor.) There was a brief interlude when Japan occupied the island, but other than that it's been American ever since. The biggest air base in the Pacific outside of Clarke AFB in the Philippines is Andersen AFB on Guam. During the Vietnam war it was a major base for B-52s and the like. Whenever things warm up in the western Pacific, Andersen gets dusted off and a few B-52s, B-1s, and B-2s plus KC-135s, KC-10s, and assorted fighters move in. The last I heard, a half-dozen B-2s from the 509th Bomb Wing were parked at Guam the better to irritate Little Kim in North Korea. (The 509th flies B-2s, and is the only unit in the world which has actual combat experience dropping nukes; as the 509th Bomb Group they were the boys who nuked Japan. The USAF sends the 509th out when they want to make an impression.)
Guam is American territory. Sorry to banish the tin-foil hat, but there it is.
"The Spanish governor of Guam discovered that Spain was at war with the US when he woke up one morning to see lots of American ships in the harbor."
Similarly the newly independent Philippines discovered Spain was at war with the US the same way - and that they were no longer independent. (This is where the americans perfected waterboarding as a torture treatment about 1902 and first discovered that fighting an insurgency can take several decades)
@x 7:"But its not part of a USA state or any other organised territory, so normal rules of law don't apply.
The federal authorities can do what they like with him with little chance of oversight"
Guam is US territory, whether you want to believe it or not.
Citation please, I hear you say?
https://www.britannica.com/place/Guam
https://www.cia.gov/library/publications/the-world-factbook/geos/gq.html
http://guam-online.com/
https://www.usa.gov/state-government/guam
Like speeding or running a stop sign you have to be caught doing it. If I admit driving 110 mph last night the cops can't show up and give me a ticket, but they could stake out my garage and follow me around to see if I do it again tonight.
Some states still don't even have talking/texting while driving as a primary violation, meaning cops can't pull you over even if they see you doing it, unless you are doing something else illegal that gives them a reason to pull you over.
"I admit driving 110 mph last night the cops can't show up and give me a ticket,"
However if they seize your phone and find it was recording your travels & confirmed the speed, or if you were stupid enough to film it, they can.
It's happened a few times.
Opsec blunders, you have got to be kidding. If this is the quality of today's cyber criminals then one has to wonder what they're teaching them in computer criminal school lately. Now pay attention whilst we enumerate his major errors:
a. Register domains with same Yahoo email accounts used to order flowers for own wife.
b. Purchase Server using same Yahoo email address.
c. Use same Server to control malware running on POS sales terminals of the Schlotzskys Deli chain.
d. Leave personal information on same Server such as passport details.
e. Run an online criminal enterprise using a 'Windows 8 hybrid laptop'.
f. Use same password on the 'Windows 8 hybrid laptop' as the Yahoo email account.
"In two years, the Feds say Seleznev cleared over $17m in illicit profits and many of the businesses he hit have since gone out of business"
I would have thought online Credit Card losses were covered by the issuer. Besides stealing/selling Ccards is just so much low-hanging-fruit. The real money is to be made by targeting middling to large businesses, non-profits and NGOs. You don't even need any opsec skills, most probably no one will come after you as they also have their hand in the till also. Like certain NGO that consists of nothing but a plaque on an office wall in middle Africa.
"I would have thought online Credit Card losses were covered by the issuer. "
It is. Limit of liability for false charges on most credit cards in the US is $50.
However, the merchant's agreement with the card company generally also requires them to keep card data secured, with automatic penalties for failure to do so. I've seen agreements with penalties as high as $50k per stolen card number. That'll bankrupt a small business pretty quickly.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
