Card Not Present Fraud , Cybercrime , Fraud Management & Cybercrime

Russian Cybercriminal Behind 'Cardplanet' Site Sentenced

Aleksey Burkov's Website Trafficked in Stolen Payment Card Data
Russian Cybercriminal Behind 'Cardplanet' Site Sentenced

Aleksey Burkov, a Russian national who operated a site called "Cardplanet" that trafficked in stolen payment card data used to make millions of dollars in fraudulent purchases, has been sentenced to nine years in federal prison, according to the U.S. Justice Department.

See Also: Tackling 2022's Emerging Social Engineering & Fraud Scams Plaguing Financial Services

After spending years as a fugitive before being arrested by Israeli police in 2015, Burkov pleaded guilty in January to multiple federal charges, including access device fraud; conspiracy to commit computer intrusion, identity theft, wire and access device fraud; and money laundering.

By pleading guilty to those charges, Burkov, 30, faced a possible 15-year federal prison sentence. Instead, U.S. District Judge T.S. Ellis III handed down a nine-year prison term on Friday.

The 108-month prison sentence will incorporate time served, which means that Burkov could be freed in a little over four years' time, according to the sentencing document filed in the case. He must also serve three years of supervised release, according to court papers.

Reached on Friday, Burkov's court appointed attorney, Gregory Stambaugh, declined to comment. In a statement that he read before the judge, Burkov expressed regret for his cybercriminal activities.

"In my early days when I was a child I met some hackers and began a wrong path in life," Burkov told the judge before sentencing. "At that time I could not differentiate the good from the bad and the [life] outside the law became customary for me. Only in jail did I realize how wrong my life path was. I realized and accepted my guilt and reevaluated my life."

Cardplanet

Between 2009 and 2013, the Cardplanet site trafficked in more than 150,000 stolen credit and debit cards, mainly issued through U.S. banks and financial institutions, according to a federal indictment. Prosecutors estimate that more than $20 million in fraudulent purchases were made using those cards (see: Russian National Charged in Payment Card Scheme).

Burkov, who has been described in court documents as an IT specialist from Saint Petersburg, Russia, built and operated the Cardplanet site, which trafficked in payment card data that included the account holder's name, account number, card verification value number and expiration date, federal prosecutors say.

The site acted as a clearinghouse, with cybercriminals buying and selling this stolen information, according to the Justice Department. Burkov advertised the Cardplanet services on underground forums, especially Russian-language sites. The site was hosted on a server located in Virginia, according to the indictment.

Depending on where the cards were issued, as well as the personal information of the cardholder, the data could sell for between $2.50 and $60 for each card, according to the indictment. Burkov also developed a "checker," which could validate the stolen credentials for buyers. And the site even offered a refund policy if the stolen cards didn't work, prosecutors say.

In most cases, cybercriminals used the stolen data to make purchases from stores and online e-commerce sites. Since Cardplanet operated before the popularity of bitcoin, Burkov accepted payments using other digital currencies, such as Liberty Reserve or WebMoney, as well as conventional payments from Western Union, according to the indictment.

Cardplanet ceased operations in 2013, and Burkov remained a fugitive until he crossed over from Egypt into Israel in 2015 and was arrested by Israeli police. He remained in custody there until November 2019, when authorities extradited him to the U.S. to face charges in Virginia.

'Direct Connection'

In addition to Cardplanet, Burkov and several other unnamed co-conspirators operated other underground forums for "elite" cybercriminals, according to court documents.

Unlike Cardplanet, which was public-facing, one of these secondary sites, called "Direct Connection," operated in secret, prosecutors say. To gain membership into this cybercrime forum, prospective members needed three existing members to "vouch" for their reputation among other cybercriminals; they also had to pay about $5,000 as “insurance,” according to the indictment.

Once accepted, members of Direct Connection could then use the forum to help plan other crimes, buy services or exchange information with other cybercriminals, the court documents show.

International Affair

The long-running case against Bukov also involved on-again and off-again negotiations between the U.S., Israel and Russia (see: 'Soviet Tactics': Russia Tries Prisoner Swap for Hacker).

Before the U.S. indictment against Burkov was unsealed, news reports from Israel described how Russian officials attempted to swap Israeli-American citizen Naama Issachar, who was being held in Russia on marijuana possession charges, for Bukov, who was being detained in Israel at the time.

Russian officials, according to news media reports, wanted Burkov to return home to face different criminal charges there. After a long court battle that started in 2015, the Israeli government signed extradition papers in November 2019 to send Burkov to the U.S. to face the charges there, according to news reports.

In January, Russian President Vladimir Putin issued a pardon for Issachar and she returned to Israel, according to the BBC.

Managing Editor Scott Ferguson contributed to this report.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.