NB: This story has been corrected. An earlier version mistakenly stated that 40 million US computers had been infected by the Gozi virus instead of 40,000.
WASHINGTON, November 8 (By Carl Schreck for RIA Novosti) – If two alleged Russian hackers placed on a US most-wanted list this week want to avoid a stint in the slammer, recent history suggests two pieces of advice: stay in Russia and don’t mess with the locals.
“America can’t touch you in Russia, that might be true. But not being careful about what you’re doing, that might attract the attention of local law enforcement as well,” Brian Krebs, editor of Krebs on Security, a website covering computer security and crime, told RIA Novosti.
The US Federal Bureau of Investigation this week announced it had added Russian citizens Andrei Taame and Alexei Belan to its most-wanted list of suspected cybercriminals, bringing to four the total number of Russian nationals on the 10-person list.
“We need the public’s help to catch these individuals, who have made it their mission to spy on and steal from our nation and our citizens,” FBI cybercrime official Richard McFeely said in announcing the additions to the list.
But when it comes to catching alleged Russian hackers, US authorities over the past 15 years have relied largely on secrecy, subterfuge and the suspects’ decisions to leave the friendly confines of Russia’s borders.
In many of these cases, the Russian suspects were detained in third countries at the request of the United States. US authorities have successfully extradited several of these individuals and are currently in the process of trying to secure the extradition of several others – a practice that has irked officials in Moscow.
The two countries, which do not have an extradition treaty, have sparred over their mutual refusal to hand over high-profile accused criminals, most notably convicted Russian arms trafficker Viktor Bout and fugitive US intelligence leaker Edward Snowden.
But alleged Russian hackers have been at the center of this dispute as well.
In September, Russia’s Foreign Ministry advised Russian nationals that if US authorities have “some claims against them,” they should not travel abroad, especially to countries that have bilateral extradition treaties with Washington.
The ministry cited three individuals arrested in third countries – Dmitry Belorossov in Spain, Maxim Chukharev in Costa Rica and Alexander Panin in the Dominican Republic – who are currently facing extradition to the United States on charges related to cybercrimes, according to US court documents and Russian media reports.
In July, US federal prosecutors announced they had secured the extradition of Russian national Dmitry Smilianets after he and alleged co-conspirator Vladimir Drinkman were arrested in the Netherlands last year at the request of US authorities, which have charged them and two other Russians in what US prosecutors call the “largest known data breach conspiracy.”
Drinkman still faces extradition, while the two other accused Russians and a Ukrainian suspect remain at large. Smilianets in August pleaded not guilty to the charges, which include the theft of 160 million credit card numbers resulting in hundreds of millions of dollars in losses to companies that include NASDAQ, 7-Eleven, Dow Jones and Jet Blue.
While many alleged Russian hackers pursued by the United States are arrested after unwittingly traveling to third countries, others have strolled right into the arms of American law.
Convicted hacker Nikita Kuzmin – identified by US prosecutors as the son of a Russian musician and in the Russian media as the adopted son of renowned Russian rock star Vladimir Kuzmin – was arrested in 2010 after traveling to San Francisco from Thailand unaware of the US investigation against him, according to US court documents.
Kuzmin pleaded guilty to several federal cybercrime charges in connection with the so-called Gozi virus, malicious software that infected at least 1 million computers worldwide – including 40,000 computers in the United States – and led to the theft of tens of millions of dollars, US District Attorney for the Southern District of New York Preet Bharara said in January.
Kuzmin pleaded guilty and has cooperated with authorities to identify two alleged co-conspirators in Latvia and Romania whose extradition cases are currently pending in courts. Kuzmin’s sentencing is scheduled for November 18, Bharara’s office told RIA Novosti this week.
US authorities have also actively lured alleged Russian hackers onto American territory.
In perhaps the most famous case, FBI agents set up a fake computer security firm dubbed “Invita” and invited accused Russian hackers Vasily Gorshkov and Alexei Ivanov to Seattle under the pretense of a job interview in 2000.
Gorshkov and Ivanov were arrested at the meeting and subsequently convicted of cybercrimes targeting PayPal, Yahoo and eBay, receiving three- and four-year prison sentences, respectively.
While staying in Russia may be the safe option for alleged Russian hackers wanted in the United States, targeting victims inside the country rather than foreign businesses and individuals could put them in the crosshairs of Russian authorities, said Krebs, the computer security expert.
He cited the case of a suspected Russian hacking ring whose eight alleged members were arrested last year on suspicion of using Trojan viruses called “Carberp” and “RDP-door” to steal about $2 million from individuals and businesses across Russia, according to Russia’s Interior Ministry.
Frequenters of Russian hacker forums in the past typically frowned upon victimizing their compatriots, but “that’s kind of gone by the wayside,” Krebs told RIA Novosti.
“We’re seeing a lot more cybercriminals over there being less discriminating about who they steal from,” he said.
Scott Borg, director of the US Cyber Consequences Unit, a nonprofit organization that studies cybercrime, told RIA Novosti this week that Russia would be wise to crack down on its legions of hackers for the sake of its international reputation and own economic interests.
“Cybercrime diverts an enormous amount of talent into criminal enterprise that would otherwise be doing something legal and more profitable,” Borg said.