Malware author pleads guilty for role in transnational cybercrime organization responsible for more than $568 million in losses
LAS VEGAS, Nev. – An author of malicious computer software and a member of the Infraud Organization pleaded guilty today to RICO conspiracy as a result of an investigation led by U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigation (HSI) and the Henderson Nevada Police Department.
Valerian Chiochiu, aka “Onassis,” “Flagler,” “Socrate,” and “Eclessiastes,” 30, pleaded guilty before U.S. District Court Judge James C. Mahan in the District of Nevada. Chiochiu is a national of the Republic of Moldova, but resided in the United States during the period of the conspiracy. His plea came just over a month after the co-founder and administrator of Infraud, Sergey Medvedev of Russia, separately pleaded guilty June 26. Sentencing for Chiochiu has been scheduled for Dec. 11.
Infraud was an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband.
“Over the course of seven years, Infraud and its alleged conspirators created a sophisticated cybercriminal racketeering scheme that victimized individuals, merchants, and financial institutions to the tune of over half a billion dollars in losses,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division. “The Justice Department is committed to unmasking cyber criminals and their criminal organizations that use the internet for fraudulent schemes.”
According to the indictment, the Infraud Organization was created in October 2010 by Medvedev and Svyatoslav Bondarenko, aka “Obnon,” “Rector,” and “Helkern,” 34, of Ukraine, to promote and grow interest in the Infraud Organization as the premier destination for “carding” — purchasing retail items with counterfeit or stolen credit card information — on the Internet. Under the slogan, “In Fraud We Trust,” the organization directed traffic and potential purchasers to the automated vending sites of its members, which served as online conduits to traffic in stolen means of identification, stolen financial and banking information, malware, and other illicit goods. It also provided an escrow service to facilitate illicit digital currency transactions among its members and employed screening protocols that purported to ensure only high quality vendors of stolen cards, personally identifiable information, and other contraband were permitted to advertise to members. In March 2017, there were 10,901 registered members of the Infraud Organization.
Bondarenko currently remains a fugitive.
According to the indictment, Chiochiu provided guidance to other Infraud members on the development, deployment, and use of malware as a means of harvesting stolen data. As part of his plea agreement, Chiochiu admitted to authoring a strain of malware known to the computer security community as “FastPOS.”
During the course of its seven-year history, the Infraud Organization inflicted approximately $2.2 billion in intended losses, and more than $568 million in actual losses, on a wide swath of financial institutions, merchants, and private individuals, and would have continued to do so for the foreseeable future if left unchecked.
The U.S. Attorney’s Office for the Central District of California also provided assistance with Chiochiu’s case. Deputy Chief Kelly Pearson and Trial Attorneys Chad W. McHenry and Alexander Gottfried of the Criminal Division’s Organized Crime and Gang Section are prosecuting the case.