8 charged for roles in international cybercrime scheme
The eight defendants are charged together in a criminal complaint with conspiracy to commit wire fraud, money laundering and identity theft. Allegedly, Oleksiy Sharapka, 33, of Kiev, Ukraine, directed the conspiracy with the help of Leonid Yanovitsky, 38, also of Kiev. Oleg Pidtergerya, 49, of Brooklyn, N.Y., Robert Dubuc, 40, of Malden, Mass., and Andrey Yarmolitskiy, 41, of Atlanta, managed crews in their respective cities. Richard Gunderson, 46, of Brooklyn, and Lamar Taylor, 37, of Salem, Mass., worked for Pidtergerya and Dubuc, respectively. Ilya Ostapyuk, 31, of Brooklyn, allegedly facilitated the movement of fraud proceeds.
Pidtergerya, Ostapyuk and Dubuc were arrested Wednesday at their homes by federal agents, and Yarmolitskiy was arrested June 11, as he arrived at John F. Kennedy International Airport on an overseas flight. Taylor and Gunderson are being pursued by law enforcement, and Sharapka and Yanovitsky, Ukrainian nationals, remain at large.
"These arrests underscore HSI's commitment and the ongoing joint efforts across the entire law enforcement spectrum to stop these cybercriminals in their tracks," said Andrew M. McLees, special agent in charge of HSI Newark. "HSI special agents will use every cutting-edge technological investigative tool at their disposal to dismantle these global criminal enterprises at the source and bring them to justice."
"According to the complaint unsealed today, cybercriminals penetrated some of our most trusted financial institutions as part of a global scheme that stole money and identities from people in the United States," said U.S. Attorney Paul J. Fishman. "Today's charges and arrests take out key members of the organization, including leaders of crews in three states that used those stolen identities to 'cash out' hacked accounts in a series of internationally coordinated modern-day bank robberies. We will continue to pursue our investigation into this scheme and our fight against the rising threat of criminals for whom computers are the weapon of choice."
"The investigation and successful prosecution of suspects involved in organized global fraud directed at electronic payment systems is dependent upon the collaborative efforts of federal law enforcement and private industry to ensure the confidentiality, integrity and availability of these systems as part of our critical financial infrastructure," said Special Agent in Charge James Mottola of the U.S. Secret Service's Newark Field Office."
The investigation revealed that conspiring hackers gained unauthorized access to computer networks of more than a dozen global financial institutions, including: Aon Hewitt, Automated Data Processing Inc., Citibank N.A., E-Trade, Electronic Payments Inc., Fundtech Holdings LLC, iPayment Inc., JP Morgan Chase Bank N.A., Nordstrom Bank, PayPal, TD Ameritrade, U.S. Department of Defense, Defense Finance and Accounting Service, TIAA-CREF, USAA and Veracity Payment Solutions Inc.
Once inside the victim companies' computer networks, the defendants and conspirators diverted money from accounts of the companies' customers to bank accounts and pre-paid debit cards controlled by the defendants. They then implemented a sophisticated "cash out" operation, employing crews of individuals to withdraw the stolen funds, making ATM withdrawals and fraudulent purchases in New York, Massachusetts, Illinois, Georgia and elsewhere.
As part of the scheme, the defendants stole identities from individuals in the United States and used those identities to facilitate the cash out operation, which included transferring money to cards in the names of the stolen identities. The defendants also used some of the stolen identities to file fraudulent tax returns with the IRS seeking refunds.
The defendants and their conspirators laundered the proceeds of the scheme, often through international wire transfer services, to the leaders of the conspiracy overseas.
The government's ongoing investigation into the organization has so far identified attempts to defraud the victim companies and their customers of more than $15 million.
If convicted, each of the defendants face 20 years in prison on the conspiracy to commit wire fraud count, 20 years in prison on the conspiracy to commit money laundering count and 15 years in prison on the conspiracy to commit identity theft count. The wire fraud and identity theft counts also carry a maximum fine of $250,000, or twice the gross amount of pecuniary gain or loss resulting from the offenses. The money laundering conspiracy count carries a maximum fine of $500,000 or twice the value of the monetary instruments involved.
The charges and allegations contained in the complaint are merely accusations, and the defendants are presumed innocent unless and until proven guilty.