The hacker Seleznev sang like a nightingale in American dungeons. Russian Roman Seleznev admitted his guilt in cyber fraud
US intelligence agencies detained and transported to Guam hacker Roman Seleznev
On July 7, US authorities announced the arrest of Russian hacker Roman Seleznev, who specialized in stealing bank card data and was known on the Internet under the nickname Track2. Over the next 24 hours, the story of the arrest acquired new details, rapidly turning from a criminal report into a full-scale international scandal involving the Russian Foreign Ministry, the State Duma and the FBI.
TJournal tried to understand the complicated story of the hacker Seleznev, whose capture took the FBI almost four years, and traces of whose activities are found all over the world - from Seattle and Marrakech to Vladivostok.
Grill Bar on Broadway
Broadway Grill, Seattle
In the fall of 2010, the small Broadway Grill at the intersection of East Broadway and Harrison Street in Seattle, Washington, was destined to make it into all the local newspapers. Hundreds of its visitors became victims of unknown cybercriminals who stole information on their bank cards.
It all started a month before the press made a fuss. On October 22, 2010, the card payment processing system installed in the grill bar was hacked. Restaurant customers who paid with credit cards began to complain about strange transactions and incomprehensible debits from their accounts.
Day by day the complaints became more and more numerous. Almost all of them came to police departments located on Seattle's Capitol Hill - exactly in the area where the restaurant was located. From the end of October to mid-November, a total of about 600 people lost money on their cards. Local media monitoring the situation even compiled an infographic showing the total number of complaints on any given day.
There were many versions of how exactly the hackers managed to penetrate the grill bar’s computer system. Cybersecurity experts agreed on only one thing - the attack was quite sophisticated, and its true scale has yet to be revealed.
Special Agent Kierstead
Special Agent Robert Kierstead was transferred to the US Secret Service Electronic Crimes Task Force in Seattle in May 2007. Before this, Kierstead worked for more than five years in units involved in ensuring the security of the US President. When it became obvious that the police would not be able to solve the credit card thefts at the grill bar, he was entrusted with the case of the hacker attack on the restaurant.
Robert Kierstead
Having started an investigation, Rob Kierstead found that the hack was most likely the work not of local American hackers but of someone abroad. The methods the attackers used gave them access not only to the card numbers used in the grill bar on the day of the attack, but also to those stored in the memory of the program into which they were entered during payment. Program logs stored card data for 90 days. One attack was enough to obtain several thousand credit cards.
The October hack was just one of many, Kierstead found. Data thefts using the same pattern had happened before with a certain frequency. The earliest case of illegal withdrawal of funds dates back to October 2009.
Gradually, the grill bar on East Broadway, as well as special agent Robert Kierstead, disappeared from the attention of the press. Absolutely nothing was heard about how the investigation into the thefts was progressing. However, work to identify the hackers did not stop.
In March 2011, Kierstead discovered that one person was behind the thefts, a certain Roman Valerievich Seleznev, known on the Internet as Track2. The total number of cards he stole was close to 200 thousand. The success of Kierstead and his colleagues, however, was not publicly reported at that time. Charges against Seleznev were brought in absentia and the decision on the need to bring him to justice was made behind closed doors. After all, the hacker himself still had to be found and caught.
Moroccan trace
One of the few mentions of Roman Seleznev in the press dates back to the same spring of 2011, when charges were already brought against him in America. The unsuspecting hacker in April of that year was with his wife Svetlana in the city of Marrakech, Morocco, where, by coincidence, he could forever lose the opportunity to be subject to criminal prosecution in the United States (Seleznev permanently lives in Vladivostok, where his father worked and was elected to the Duma).
On April 28, an explosion occurred at the Argana cafe in the center of Marrakesh. At first everything was attributed to a gas leak, but soon the main version became a terrorist attack. 16 people died. Seleznev and his wife, who were in Argana at the time of the explosion, managed to survive. They were taken to one of the local hospitals, and then, because Roman Seleznev had received extremely serious injuries, it was decided to transport the tourists to Russia. A specially equipped plane flew out to pick them up.
Cafe Argana in Marrakech the day after the explosion
Once at home, the hacker underwent a complex operation at the Burnazyan FMBC and even spent some time in a coma. Later, this circumstance would be used by his father, deputy Valery Seleznev, as evidence that his son, being disabled, could not have committed the crimes he was charged with.
The deputy himself also has a disability. As reported on his official website, in his youth, as a result of an injury, he lost his right hand: apparently, based on this fact, some media wrote that Seleznev Jr. could also have his hand amputated.
Samvelich and Bulba
Valery Seleznev, father of a hacker, State Duma deputy
No known terrorist group has ever claimed responsibility for that terrorist attack. The Moroccan authorities and media blamed one of the al-Qaeda cells operating in the African country for organizing the explosion.
It is unknown whether the terrorist attack in Marrakech is somehow connected with the development of the Seleznev case in the United States. There is no direct or indirect evidence that American intelligence services paid attention to the presence of the name of the person they were looking for on the list of victims in Morocco. However, it was after the explosion that the Track2 case began to enter its decisive, final stage.
Track2 himself, also known as nCux, Bulba, Roman Ivanov, bandysli64 and Ruben Samvelich, on the contrary, ceased all activity in 2011. What Seleznev was doing in real life at that time is unknown, but all his activity on forums for selling stolen bank data was suspended.
As cybersecurity specialist Brian Krebs writes in his blog, at that time two sites associated with the hacker also stopped working - track2.name and bulba.cc. Both resources were used by Seleznev to directly sell the cards he stole. A “package” of 100 cards cost $1,300, a “package” of a thousand cards cost eight thousand. The hacker promised buyers the “high suitability” of the data he sold, at various times citing a figure of 95 percent of active cards per “package.” As US law enforcement agencies later calculated, the son of a deputy earned about two million dollars online in this way.
Screenshot of the website bulba.cc as of May 2011
However, it was not these sites that brought Roman Seleznev closer to the arrest, but the Carder.su forum for hackers specializing in card thefts. In 2013, the forum was hacked, and information about users registered on it became publicly available. It is unknown who hacked the site, but a few months later a high-profile trial in the Carder.su case began in the United States.
First, charges of hacking were brought against 22-year-old David Camez, one of the active users of the forum. Then, about 50 more people went through preliminary hearings on the same charges (hacking of computer systems and theft of bank data). In May 2014, Camez, who called himself Bad Man and doctorsex online, received 20 years in prison and a bill for $20 million, which he must pay as compensation for the damage he caused. Verdicts on the remaining cases are expected by the end of this year.
Screenshot of a message left by Roman Seleznev under the nickname bulba on one of the Internet forums
A similar punishment now awaits Roman Seleznev, who also often posted advertisements for the sale of stolen cards on Carder.su. In total, he faces about 60 years in prison and a minimum $2.5 million fine (charges have been brought against him on 28 counts, from bank fraud to identity theft).
The hacker's father, deputy Valery Seleznev, has already stated that he is ready to fly to the United States for his son, and also said that he may contact the Investigative Committee with a request to open a criminal case of kidnapping. The defendants in such a case could be “unidentified citizens of the United States and the Republic of Maldives” who captured a Russian citizen and took him to Guam on a private plane to bring him to justice.
PS: Disability Advocate
The father of the detained hacker, Valery Seleznev, although not one of the well-known deputies, plays an important role in the Duma. Seleznev was elected to the lower house as a member of the LDPR party back in 2007. Since then, he managed to work in the Duma Committee on Property, for some time led the development of laws related to anti-raiding and bankruptcy, and was also a member of the Committee on International Affairs (perhaps this is why Seleznev’s statements regarding the kidnapping of his son were quite readily supported by the Russian Foreign Ministry, which sharply condemned the actions of the United States).
Having been re-elected to the Duma in 2011, the deputy took the position of first deputy head of the property committee. Seleznev is also actively involved in various initiatives related to the protection of the rights of people with disabilities.
A native of Vladivostok came to politics from business. And here his career is not as well documented as his work in the State Duma. He began his entrepreneurial activity in 1994 and for a long time was engaged in the supply and sale of food products. In 1998, for example, he became the general director of the Australian Food Company, and in 1999 he joined the board of directors of Primorsky Confectioner LLC.
Roman Seleznev with Anna and her daughter. Photo: AFP
American justice rarely manages to reach out to Russian hackers and carders, who constantly carry out hacking in the United States and siphon billions of dollars from the US banking system. But when this is successful and if guilt is proven, the guys receive maximum sentences.
On Friday, April 21, 2017, the Federal District Court in Seattle sentenced Roman Valeryevich Seleznev, a 32-year-old citizen of the Russian Federation and son of Valery Seleznev, a current deputy of the State Duma of the Russian Federation from the LDPR party, to 27 years in prison.
Roman is known on underground forums under the nicknames Bulba, Track2, 2pac, nCuX, etc. He himself traded dumps through the sites POS Dumps, track2.tv, bulba.cc, 2ras.ss - the latter sold millions of dumps taken from Target store terminals, Neiman Marcus, Michaels, Staples and Home Depot, in 2013-2014 it was the largest dump store on the Internet.
Roman Seleznev was put on the wanted list by Interpol with a “red notice”. He was detained at the airport in the resort city of Male in the Maldives by American intelligence agents on charges of computer fraud, hacking, hacking of bank accounts and theft of credit card dumps and causing damage to US citizens and organizations in the amount of about $2 million. After that, he was transported to the United States.
The Western District Federal Court in Seattle charged Roman with hacking retail point-of-sale systems throughout the United States in 2009-2011. According to the indictment, from his homes and apartments in Vladivostok, Indonesia and Bali, he operated international card forum sites to facilitate the theft and sale of stolen credit card data. 1.7 million dumps were found on Seleznev’s laptop, and more than $18 million in bank accounts obtained as a result of illegal transactions. These funds, in particular, were used to purchase two apartments in Bali with a total cost of $800 thousand.
On the computer they also found photographs of Roman driving various sports cars, as well as next to stacks of banknotes similar to 5,000 ruble bills.
According to proven episodes, Seleznev’s schemes made it possible to resell more than two million credit cards, which led to losses for the US banking system of more than $170 million. If we take into account the overall work of Roman’s carder forums, the total damage could amount to billions of dollars. Among the victims are 3,700 financial institutions and 500 companies around the world, mainly in the United States. For this reason, federal prosecutors call Seleznev “the biggest fish” from the carding world that has ever fallen into the hands of American justice.
In a handwritten letter to the court, Roman spoke about the problems of his difficult childhood in Vladivostok, about his alcoholic mother and how at the age of 17 he barely had enough money to pay for food and utilities. These difficulties forced him to make “the biggest mistake of his life,” as Roman writes, that is, they forced him to take up carding. He stole credit cards and other data that could be resold. Over time, he improved his hacking abilities and increased his volume. Then things got even more serious. He became rich, married Svetlana and moved to Bali. In general, a typical story of a Russian carder. The tragedy happened after the terrorist attack in Marrakesh in 2011, where part of Roman’s head was blown off: he fell into a coma for a long time, and his wife left him and went to the USA with all the money and their daughter. After emerging from the coma, Roman returned to carding and met a Ukrainian woman, Anna, with whom he fell in love, and she is still fighting for him with American justice.
The hacker's common-law wife Anna Otisko and father, Russian State Duma deputy Valery Seleznev, after the press conference. Photo: ITAR-TASS
The US Secret Service had been tracking Roman Seleznev for more than a decade, according to court documents. The search resulted in a successful arrest in June 2014 in the Maldives.
It is curious that the Maldives does not have an extradition treaty with the United States, so Roman felt safe there - and purchased real estate. However, Interpol and the US Department of Justice through the State Department managed to reach an agreement with law enforcement agencies in the Maldives to help detain the Russian. For this purpose, a special plan was developed, according to which the hacker was detained at the airport right before boarding a plane flying to Russia.
Agents placed Roman under surveillance immediately after he arrived in Male. During his journey from the terminal to the airport, he was already under close surveillance: several agents were sitting with him on the bus, a couple of rows behind him. As soon as Roman handed over his passport to control at the airport, he was immediately handcuffed.
Local authorities simultaneously announced the expulsion of Roman from the country. Instead of a plane home, American intelligence services put the Russian on a private plane, which took him to a prison on the American island of Guam, and from there he was transported to the United States.
Deputy Seleznev subsequently offered $50 thousand for the video recording of his son’s detention and expressed the opinion that economic sanctions should be introduced against the Maldives.
In August 2016, the jury found Seleznev’s guilt proven in 38 episodes of the criminal case. Of these, ten relate to cyber fraud and nine relate to unauthorized access to computer networks. The prosecutor asked for 30 years in prison for Roman, and on April 21, 2017, the judge issued such a verdict, taking into account the fact that Roman had already served three years.
Informative comment
For those wondering where the 27 years come from
The gentleman is accused of 40 counts of criminal activity (felony), of which 38 are related to hacking. In US law, episodes are grouped, after which each group is either summed up or absorbed by the largest. The largest group is presented as punishment. In addition, there are crimes that are not grouped and are summed up unconditionally by the deadline.
In the court decision, the episodes are grouped as follows (I will try to translate them so as to roughly correspond to our legal terminology):
- 1-10 - Fraud using electronic digital means (Wire Fraud) - 336 months
- 12-19 - Intentional damage to electronic computing devices performing important operational functions (Intentional Damage to a Protected Computer) together with
- 21-29 - Illegally obtaining access to secret/protected information (Obtaining Information from a Protected Computer) - 60 months
- 30-38 - Illegal access to devices (Access Device Fraud) - 120 months
Counts 11 and 20 appeared to relate to organizing criminal activity and the jury found they were not proven.
Now about some interesting things.
In addition to this system, the United States has developed a special scoring table that makes it possible to formalize aggravating parameters and increase the sentence in proportion to the severity. For Seleznev, the table takes into account, for example, the following points:
- Loss in excess of $550 million - total financial losses exceed 550 million
- 10 or more victims - more than 10 victims
- Scheme committed from outside of the U.S. - the crime was committed from outside the United States
- Organizer/leader - the defendant is the leader of a criminal organization
- Obstruction of justice - the defendant obstructed the administration of justice
All the more surprising is the fact that these calculations are included in the conclusion, since, according to American laws, they are not relevant to the case and should have been withdrawn and excluded from the testimony for the jury. In my personal opinion, this is evidence of the low quality of legal assistance provided to a citizen of the Russian Federation, since such calculations clearly set the jury against the defendant.
You can notice something odd in the verdict; in the description of the groups of episodes, the following is written:
as to each of counts 1-10 (Wire Fraud), defendant shall serve 336 months to be run concurrently with one another, and also concurrently with all other counts except counts 39 and 40
That is, the sentence for episodes must be served together with other episodes, and together with other groups of episodes. If you think about it, this means that for 1 episode of Wire Fraud they give 28 (!) years. This incident is a historical feature of the United States. Fraud involving federal communications (postal services, telecom operators) and financial (banks) institutions is a particularly serious crime in the United States.
The proposed scheme of charges is interesting, according to which the charges against Seleznev were prepared in several states at once, and the episodes were distributed among all. At least two states were preparing to bring charges under the mentioned RICO Act, requiring life imprisonment. The interesting thing is this: in any legal country no one can be tried for the same crime twice, but in the USA a person can be tried for the same crime several times in different states if the charges do not completely coincide in the episodes. That is, it is worth replacing one episode with one for which no charges were brought - and a new trial in another state is ready. There are a lot of episodes in the Seleznev case.
Before the verdict.
“The crimes committed bring me great sorrow and shame. I repent of what I did,” the hacker addressed the court before the verdict was announced. From his written statement to Judge Richard Jones, it appears that he had previously maintained his innocence, following the advice of unscrupulous lawyers.
The jury unanimously found the son of State Duma deputy from the LDPR Valery Seleznev guilty of 38 counts of cyber fraud, intentionally causing damage to a protected computer, obtaining information from a protected computer, storing more than 15 unauthorized devices for accessing protected computer networks, and aggravated theft of personal information.
The Russian hacker was convicted exactly according to the sentencing table used in US federal courts. Based on the crimes, the table recommended a prison term of 27 years and payment of compensation in the amount of $169 million. The jury recognized this amount of damage caused by Roman Seleznev, and the Russian has already paid part of it by selling property in Bali and transferring his savings stored in Russian banks.
The prosecutor's office argued that the losses of American legal entities and individuals exceeded $1.2 billion, and requested a 30-year sentence for Mr. Seleznev. The prosecution explained its severity by the Russian’s refusal to cooperate with the investigation after arrest. His readiness to fight cybercrime became known too late, prosecutors said in documents.
The American lawyer of the Russian hacker, Igor Litvak, petitioned the court that Mr. Jones, when determining the punishment, should not use a legal table, but look with sympathy at the personality of the convicted person. He noted that over the past few months, his client handed over to prosecutors four laptops and six disks of information delivered from Russia, and over two days in March he made contact with investigators who were checking the veracity of his testimony.
The prosecution, however, during this interrogation doubted the veracity and sincerity of the defendant’s testimony and noted that they did not find anything new in the hacker’s revelations. The prosecutor's office believes that Roman Seleznev not only hacked into the computer networks of American restaurants and stores, but also created online instructions for those wishing to use credit card numbers stolen by a criminal group, the leader of which, according to American intelligence services, he was.
Alexey Bogdanovsky
Russian citizen Roman Seleznev, accused in the United States of cyber fraud, signed a confession, but the prosecution still demands 30 years in prison for him, according to court documents available to RIA Novosti.
[...] Prosecutors argued at the trial that 1.7 million stolen credit card numbers were found on Seleznev’s computer during his arrest in 2014, and in total almost 3 million numbers were stolen. [...]
Confessions
Seleznev's initials sign the 11-page confession, handwritten in English with errors. "I accept full responsibility for everything. I am afraid of punishment," the handwritten document says. “I’m Roman Seleznev, I want to say: I’m wrong and I apologize,” the letter says.
“I hope that one day I will be released from prison. I will work very hard to pay my debt to the victims and society. I will work honestly,” promises Seleznev, who has not previously admitted his guilt. He does not ask the court for leniency or a reduction in prison term.
“I have done many wrong things in life and accept responsibility for it. I am imperfect, I did the wrong thing. I can’t blame anyone but myself! I did it, and now I will answer as a man for my crimes,” writes Seleznev.
The author of the letter writes that “he himself wanted to cry” while listening to the testimony of the victims in court. The prosecution justified the court's jurisdiction by the fact that the victims of Seleznev's actions lived, among other things, in the state of Washington, and some of the victims spoke in court. “Some even lost their business because of me. I am so worried that people are suffering from what I caused them,” writes Seleznev.
Difficult childhood and hacking
Seleznev describes in detail his difficult childhood. According to him, from the age of two he lived with his mother in a room of about 10 square meters in a communal apartment. Seleznev mentions difficult financial conditions and describes how he independently learned to read computers while staying alone at home for a long time. One day he found his mother choking in the bathtub. “She is dying due to alcohol poisoning. I panic and cry very much from this pain - the loss of my mother,” writes Seleznev. "I was not a problem for anyone and did not create any problems when I was young. I was respectful, polite and always tried to do good," Seleznev writes. However, according to him, he then took the path of crime.
"I was wrong and went in the wrong direction. My mother would never be proud of me for this life. I am starting to become a hacker and hack into computers to find credit cards and other information that I can sell," Seleznev said in his testimony.
“I was using my skills poorly and knew that this was shameful and wrong. In 2007, I found a large database of credit cards and sold them for a large amount of money. I became greedy and lost control of myself,” writes Seleznev.
Torture and terrorist attack
Seleznev describes being tortured in 2009 by burglars who broke into his home while his wife and daughter were on vacation. After this, Seleznev, fearing for his life, temporarily moved with his family to Indonesia on the island of Bali. The defendant claims that he was going to quit hacking, but by mid-2010 he could not find a job due to a lack of education. “I again made the wrong decision to return to the criminal activity that I wanted to quit,” writes Seleznev.
He goes on to describe being wounded during a terrorist attack in Marrakech, Morocco, in 2011, where he was visiting as a tourist. “The waiter brings us juice, and then a suicide bomber explodes. The whole cafe explodes, there is blood and dead people all around. Half of my head explodes, another 20 innocent people die,” writes Seleznev. “I was in a coma and dying,” he adds.
According to Seleznev, he was saved only by urgent evacuation to Moscow for the operation. Relatives were told he would die and he was baptized in anticipation of death. However, according to Seleznev, a miracle happened: his consciousness began to return, after 3 months he got back on his feet, and a year later he was able to restore his speech.
Seleznev says his wife left him because she “didn’t want to take care of the vegetable.” “She fled Russia to the United States, taking our daughter and all our money,” Seleznev writes. He says he spent most of 2011 and 2012 in the hospital and then returned to hacking.
“In 2013, I again began hacking computers and selling credit cards,” the affidavit states.
Bride in Russia and studying in prison
Seleznev describes how, after his arrest in the Maldives, he was completely confused. “I was scared, confused, shocked, I didn’t understand even half of what was happening and what many people were telling me,” the defendant writes. He said his former lawyers gave him "terrible advice" to plead not guilty to avoid life in prison. “Now it is quite clear to me and everyone else that my lawyers wanted another trophy and to use me for public and personal gain,” writes Seleznev. Over the years of the trial, he changed a number of lawyers, including a “star” lawyer who defended famous criminals.
Without asking for leniency from the court, Seleznev describes his exemplary behavior - in particular, he began to study intensively in prison. Seleznev describes that he has already received a number of diplomas for studying law and is studying for a specialty in hotel and restaurant management, and also plans to obtain a bachelor's degree in business management.
Seleznev also writes that he has a fiancée in Russia. “She truly loves and supports me for three years. She has a daughter, and I want to adopt her... Anna understands what awaits me in the United States, but she loves me and prays for my life every day,” the statement reads.
"Please understand that I was a desperate child who grew into a desperate man. I want to pay for my wrongdoings and make things right as best I can," the affidavit states.
"Belated Effort"
At the same time, prosecutors Seth Wilkinson and Norman Barbosa, in a memorandum for the court, demand that Seleznev’s confession be not taken into account and propose to sentence him to 30 years in prison. “The government believes that a sentence of 30 years is sufficient but does not exceed what is necessary,” the prosecution memorandum states. At the same time, prosecutors note that the severity of the crimes charged to Seleznev requires life imprisonment. They call Seleznev's case unprecedented in terms of the damage proven and describe the defendant as a prominent hacker who earned tens of millions of dollars from illegal activities.
Taking into account a possible reduction in his sentence for good behavior, Seleznev, who is 32 years old, could be released from prison when he is over 50, prosecutors say.
The prosecution believes that Seleznev does not deserve leniency because before the trial he refused to cooperate with the investigation, and after the verdict he could not provide the prosecution with sufficient information that could expose his accomplices and thereby help the defendant.
"The defendant's belated efforts to cooperate (with the prosecution) are insufficient to justify any reduction in sentence," the prosecution said in its motion.
In turn, the defense called for Seleznev to be given a humane sentence and, given his repentance, to reduce the sentence below the term prescribed in such cases.
Previously, Russia banned four US Justice Department employees from entering its territory because of the Seleznev case. They are Charles Seth Wilkinson, Ethan Ray Arenson, Katherine Worma and Norman Barbosa. Three of them (Wilkinson, Barbosa and Worma) work in the Washington State Attorney's Office. Wilkinson and Barbosa are prosecutors in the trial.
The jury in August 2016 returned a verdict of “guilty” to Seleznev on 38 of the 40 counts, acquitting Seleznev on the remaining two counts. The Russian was accused of 40 criminal counts under five charges: cyber fraud, intentionally causing damage to a protected computer, obtaining information from a protected computer, possession of more than 15 unauthorized devices for accessing protected computer networks and aggravated theft of personal information.
05.09.2016
American intelligence agencies spent 10 years catching the computer fraudster TRACK2, aka nCuX, aka Bulba. Roman Seleznev, the son of a State Duma deputy, was hiding under these names
At the end of August, a jury in Seattle found the son of State Duma deputy Valery Seleznev, Roman, guilty of hacking computer networks, identity theft and bank fraud. The prosecution claims that the damage caused by the Russian can be estimated at $170 million. Russian authorities, in turn, have already called Seleznev’s arrest a “kidnapping” and the process itself illegal. “Top Secret” decided to figure out what exactly the Vladivostok resident was accused of in the United States.
Thirty-year-old Roman Seleznev was arrested in the Maldives at the very beginning of July 2014, a few minutes before boarding a Moscow flight. In the departure area of the Ibrahim Nasir International Airport, three police officers approached a resident of Vladivostok, who was returning from vacation with his common-law wife and child, snapped handcuffs on his wrists and escorted him to a separate room. There, agents of the US Secret Service were already waiting for Roman Seleznev.
TRACK2, aka nCuX, aka Bulba
As it turned out later, American intelligence services began the hunt for Roman Seleznev 10 years ago. According to one version, law enforcement agencies were informed about the activities of the Russian hacker, who is distinguished by enviable activity, by the European public organization Spamhaus Project, which is engaged in the fight against spam. According to another, American law enforcement officers were able to get on the trail of Seleznev by tracking a whole series of computer network hacks in the United States. The investigation documents state that in the computer world, Roman Valerievich Seleznev used a whole bunch of pseudonyms. Among them are track2, Roman Ivanov, Ruben Samvelich, nCuX, Bulba, bandysli64, smaus, Zagreb, shmak and a good dozen other nicknames.
According to the prosecution, a resident of Vladivostok was part of the transnational criminal organization Operation Open Market: members of the community bought and sold other people’s personal and financial information on online forums for “carders” who stole bank card data. In 2012, 19 members of this organization were arrested, but Seleznev himself remained out of reach of American justice. In addition, the Russian is considered one of the leaders of the group, named in the United States Carder.su after the website created for the underground trade of stolen credit card numbers and personal data. The investigation into the case of this group began back in 2006 and lasted more than seven years. According to investigators, a total of 5,626 people around the world used the site’s services. Of these, 39, including Roman Seleznev, are considered leaders of a criminal group. According to the Nevada State Attorney's Office, it was he who created an automated system for selling stolen bank card data.
Besides him, the case materials mention Roman Zolotarev (known online as Admin and Support), Konstantin Lopatin (Graf), Alexander Kostyukov (Temp and KLBS) and Sergei Litvinenko (Dorbik and Matador). The group also included citizens of Ukraine, China, Great Britain, Romania and several Arab countries. To date, US authorities have managed to arrest 19 people from this list. Roman Seleznev was 20th.
The schemes the scammers used did not vary much. Hackers found vulnerabilities in the computer networks of banks, restaurants and stores and planted their own virus in the system, which copied customers’ credit card data. This is how, for example, 32 thousand credit card numbers were stolen from the computers of the popular Broadway Grill restaurant in Seattle from December 2009 to October 2010. Among the establishments that, according to the investigation, Seleznev “cleaned out” are four more restaurants in Washington state, New York’s Latitude Bar and Grill, a jewelry store in Maine, a zoo in Phoenix, Arizona, a bakery in Seattle, several cafes of the Mad Pizza chain and a supermarket in Idaho.
According to the Washington State Prosecutor's Office, from November 2010 to February 2011 alone, Roman Seleznev stole the numbers of more than 200 thousand credit cards and sold 140 thousand of them on carding websites, earning more than two million dollars. The servers he used to steal data were rented in Russia, Ukraine and McLean, Virginia. If you believe the investigation documents, it was this server, located in the United States, that made it possible to collect the main evidence against the son of a State Duma deputy. In 2010, the US Secret Service began investigating a hack into a supermarket computer network in Idaho, where the details of several thousand credit cards were stolen. Some of them later surfaced on a “hacker” Internet forum in Russia, where they were traded by a user with the nickname Track2. To the surprise of investigators, the rest of the data was stored by the thieves on a server in Virginia.
Unlike the Russian server, the Virginia server was completely accessible to US Secret Service agents. Law enforcement officers discovered the details of 170 thousand stolen bank cards, and at the same time comprehensive data about the private life of Roman Seleznev himself. As representatives of the prosecutor's office later clarified in court, it was this server that the Russian used to order air tickets, buy flowers for his common-law wife, or pay membership fees at a poker club.
Seleznev, according to investigators, sold the stolen bank card numbers on specialized Internet forums. The sale price depended on how suitable the cards were for further illegal transactions. Numbers with a 95% guarantee of “suitability”, which the owners had not yet managed to block, went for 20-30 US dollars. For numbers with a 65% guarantee (as stated in the ad. - Ed.) they asked for no more than 7 dollars. Moreover, all payments were carried out only through “shadow” online services, such as the notorious Liberty Reserve, which at one time was called “the main payment system of the criminal world.” This allowed both the seller and the buyers to remain completely anonymous.
Wrong jurisdiction
In 2011, prosecutors in three states - Washington, Nevada and Georgia - officially charged Roman Seleznev with computer fraud, network hacking, identity theft and money laundering. But the hunt for the Russian hacker began long before that. According to the case file, on May 19, 2009, US Secret Service officers who were investigating the computer hacking case met in Moscow with representatives of the FSB and “presented them with detailed evidence that the defendant was engaged in illegal penetration into computer networks.” At the meeting, the Americans handed over to their Russian colleagues a complete list of nicknames used by the suspect on closed Internet hacker forums, including the most frequently used at that time - nCuX. At the same time, FSB officers were given a package of information collected by investigators, on the basis of which they came to the conclusion that the real name of this person is Roman Seleznev, from Vladivostok.
A month later, on June 21, 2009, as follows from the case materials, “nCuX notified his accomplices on numerous criminal online forums that he was ceasing his activities.” Shortly after this, nCuX actually disappeared from the Internet. Instead, in September 2009, Track2 and Bulba appeared on the Internet, offering exactly the same services. After a short analysis of the activity of the “new” users, American law enforcement officers came to the conclusion that the same Roman Seleznev was hiding behind these pseudonyms. It was then decided to give up cooperation with the Russian side. The investigation materials speak with utmost frankness about the motives for this decision: “The deliberate leak of information by FSB officers, as well as the fact that Seleznev’s father is known for his connections in the Russian Government, prompted the US authorities to conclude that further attempts to coordinate efforts with Russian representatives would expose the investigation to too great a risk.”
Instead, the Americans decided to “change jurisdiction.” In April 2011, for example, a court in Seattle allowed copies of the indictment in the Seleznev case to be sent to the South Korean Ministry of Justice. The package of documents also contained an official demand to detain a Russian citizen who had repeatedly flown through Seoul airport in the past. A year and a half later, in October 2012, “additional documents” on Seleznev’s case were handed over to the South Korean authorities, and representatives of the US Secret Service even discussed in Seoul the possible prospects of a trial of a Russian in this country with subsequent extradition to the United States.
In January 2012, similar requests were sent to the authorities in Indonesia and Thailand. In December of that year, Secret Service officials notified a US court that they had held discussions with Indonesian authorities. Roman Seleznev once purchased two apartments on the island of Bali, valued at $800 thousand. American representatives tried to convince the Indonesians to agree to expel the hacker from the country and “send him to another jurisdiction.” Australia was identified as the “most acceptable option”. A preliminary agreement has already been reached with the authorities in Canberra to issue an arrest warrant for Seleznev.
Oddly enough, all the efforts of the US Secret Service never brought results. Seoul was happy to negotiate, but refused to give any answer. The authorities of Indonesia and Thailand completely refused the American representatives, saying that they did not want to spoil relations with Russia. American investigators got “lucky” only at the end of June 2014, when an anonymous source reported that Seleznev and his family were going to vacation in the Maldives. The island state never had an extradition treaty with the United States, so the Russian felt completely safe.
Nevertheless, the Secret Service decided to act. At their request, on July 2, US State Department intelligence officer Mark Smith flew to the Maldives and discussed the plan for a possible operation with the local police commissioner. The next day, Secret Service investigator Daniel Schwondner and David Iacovetti, representing the interests of the Secret Service in Hawaii, flew to the capital of the state, Male, from Thailand.
According to the original plan, local police officers were supposed to detain Seleznev on the morning of July 5, immediately after passing through passport control. The Russian was supposed to be handed a document about deportation from the country, and then handed over to agents of the US Secret Service. After this, the detainee was to be flown on a private plane to the island of Guam.
This plan almost fell through at the very last moment. When less than a day remained before Roman Seleznev appeared at the airport, the Maldivian police unexpectedly announced that they could detain the Russian only if he was included in the Interpol “red list”. This is exactly what American law enforcement tried to avoid, believing that such widespread publicity would cause an immediate reaction from Russian authorities, who might try to warn Seleznev.
Nevertheless, the Americans agreed with the new demand of the Maldivian police. True, an official request to Interpol was sent only when Roman Seleznev and his family had already taken off on an amphibious aircraft from the five-star resort where they were vacationing, heading to the capital’s airport.
After that, the agents no longer lost sight of the hacker: even on the bus that was taking the Russian’s family to the airport, US Secret Service officers sat right behind the suspect.
Once again, a successful operation almost failed when the detainee was already handed over to American agents and transferred aboard a small private plane. According to the weather service, a storm was beginning in the area of the island of Guam, and the pilots did not want to take on unnecessary risks. As one of the participants in the operation later explained, they faced a difficult choice. Delaying the flight for a day, as the pilots demanded, would mean that the detainee would have to be returned to the hands of Maldivian law enforcement officers. And this, in turn, threatened diplomatic and legal problems with Moscow. Landing a plane on the territory of a third country on the way to Guam in the event of a prolonged storm also threatened diplomatic difficulties. In the end, the agents decided to take a chance, and 12 hours later the plane with the Russian on board made a safe landing on American soil.
Roman's common-law wife Anna Otisko and his father, deputy Valery Seleznev
Hope for Trump
The arrest of Roman Seleznev caused an immediate reaction in Russia. The Ministry of Foreign Affairs regarded the detention of the hacker as “a kidnapping and a flagrant violation of international norms,” and at the same time recommended that Russians refrain from visiting the Maldives if there are suspicions that law enforcement agencies of third countries may make claims against them. The suspect's father, State Duma deputy from the LDPR faction Valery Seleznev, offered a reward of 50 thousand dollars to anyone who provides a video recording of his son's detention. The parliamentarian claims that Seleznev Jr. cannot be involved in hacker attacks because he does not have the appropriate skills. In addition, he was injured during a terrorist attack in Morocco, where he was vacationing in 2011, underwent several operations and, according to relatives, is forced to take medication daily.
In October 2014, for example, the Washington State Attorney's Office accused the Russian's lawyers from the law firm Fox Rothschild of providing the defendant with prohibited items and letters, as well as facilitating secret telephone conversations with Russia.
In a sworn affidavit at the time, U.S. Bureau of Prisons employee Christopher Siwalek, who is in charge of security at the Seattle federal prison, said that immediately after his transfer, Roman Seleznev was placed in solitary confinement for security reasons. The prison administration noted that the Russian’s case was “constantly covered in the media,” and he himself is “the son of a prominent foreign politician” and “has significant financial resources.” Because of this, Seleznev “could become the object of threats, blackmail and extortion from other prisoners.”
The first serious violation was recorded on August 18, 2014, during a meeting between Roman Seleznev and his lawyers. One of the guards heard loud Russian speech through the door and, entering the room, saw that one of the lawyers was holding his mobile phone at the slot, and the Russian was talking to someone on it. The use of mobile communications in prison is strictly prohibited, so the head of the prison signed an order according to which all visitors to Roman Seleznev must undergo special searches. Nevertheless, already on August 20, an ultra-thin mobile phone was found in the possession of one of the Russian’s lawyers at the entrance to the prison. After this, the slot in the window in the meeting room was closed, and the lawyers were required to hand over documents through the guards.
Incidents with mail arriving for the Russian were also recorded. Thus, in an envelope allegedly containing “legal documentation” and sent from the New York law office of lawyer Arkady Bukh, a note written in Russian was found from an inmate of the Brooklyn MDC prison, signed “VladH.” The prosecutor's office does not disclose his full name, but claims that he is one of Roman Seleznev's accomplices. The author of the note gave the “colleague” a number of tips on behavior during the trial and recommended changing lawyers, turning to Arkady Bukh for help. “Pindos lawyers are all really greedy, they will f... you like a cesspool cat,” the author of the message assures. “Now imagine a frame: on one side are Pindos, on the other are Pindos lawyers. I believe that you have up to x amount of money, but if you want to act wisely, take Arkasha, listen to him and his advice.”
However, Seleznev did not take advantage of this advice, and in April 2015 he completely refused the services of his sixth team of lawyers, asking the court to provide him with a free lawyer. The state attorney's office immediately opposed this. The prosecution alleged that the Russian, arrested in the Maldives, lived there in a room costing $1,470 per night and spent about $40,000 on air tickets for himself and his family alone. According to the prosecutor's office, the defendant also purchased an apartment in Bali for $800,000 and led a “luxurious lifestyle.” With just one of his credit cards, he spent $130,000 on personal expenses in less than a year and a half. In the computer seized from the arrested person, investigators found information about expensive cars and real estate belonging to him, and the defendant had $18 million in just two bank accounts.
The judge, however, did not agree with this argument. “There is no evidence that he has access to these resources at this time. The fact that he may have such access in the future and be able to pay the costs cannot be an argument for the court,” Richard Jones ruled.
Judging by the transcripts of the Russian’s telephone conversations, which were provided to the court, Roman Seleznev himself is pinning his hopes less on his lawyers than on a change in the political climate in America. In one of the conversations with his common-law wife Anna Otisko, for example, the Russian said that the prosecutor’s office had offered to reduce his possible sentence to 17 years in prison in exchange for admitting guilt. “They used to talk about 20 years,” Seleznev consoled her with a laugh. “And now less... It seems that political relations are improving - Trump will be their president. He and Putin seem to get along.”
Deputy Valery Seleznev convinced his son that if Donald Trump comes to power, the Russian hacker could go free. During a conversation on December 20 last year, he noted that he did not have long to wait.
“You know what I mean?” he asked. “That’s what I hope,” the son replied.
Constant talk about the upcoming US elections forced the prosecutor's office to file a separate petition in the Seattle court. “The defendant’s false and naive belief that the American political situation could somehow affect his case is a constant theme in his conversations with his father,” the document says. “This belief of the accused is baseless, but it encourages him to constantly come up with excuses to delay the trial.”
The fact that representatives of the prosecutor's office were right became clear at the end of August this year. The jury found Roman Seleznev guilty of 38 counts out of 40 contained in the criminal case. Officially, the Russian faces up to 34 years in prison, but the final sentence will be pronounced only on December 2. However, the American judicial story of Roman Seleznev will not end there yet. After this, they are going to bring him to court in Nevada, where the Russian will be tried under the famous RICO law, which was adopted to combat the mafia and is used in cases of organized crime groups. Observers claim that this law will be used for the first time in a case of hacking computer networks. And then in the Northern District of Georgia, Roman Seleznev faces trial for conspiracy to commit bank fraud.
Yesterday, in a court in Seattle, America, Roman Seleznev, the son of State Duma deputy from the LDPR Valery Seleznev, was sentenced to 27 years in prison. Seleznev Jr. was found guilty of being the leader of a hacker group that stole $1.2 billion. The defendant himself, apparently hoping for the judge’s leniency, repented before the verdict.
“The crimes committed bring me great sorrow and shame. I repent of what I did,” the hacker addressed the court before the verdict was announced. From his written statement to Judge Richard Jones, it appears that he had previously maintained his innocence, following the advice of unscrupulous lawyers.
The jury unanimously found the son of State Duma deputy from the LDPR Valery Seleznev guilty of 38 counts of cyber fraud, intentionally causing damage to a protected computer, obtaining information from a protected computer, storing more than 15 unauthorized devices for accessing protected computer networks, and aggravated theft of personal information.
The Russian hacker was sentenced exactly according to the sentencing table used in US federal courts. Based on the crimes, the table recommended a prison term of 27 years and payment of compensation in the amount of $169 million. The jury recognized this amount of damage caused by Roman Seleznev, and the Russian has already paid part of it by selling property in Bali and transferring his savings stored in Russian banks.
The prosecutor's office argued that the losses of American legal entities and individuals exceeded $1.2 billion, and requested a 30-year sentence for Mr. Seleznev. The prosecution explained its severity by the Russian’s refusal to cooperate with the investigation after his arrest. His readiness to fight cybercrime became known too late, prosecutors said in documents.
The American lawyer of the Russian hacker, Igor Litvak, petitioned the court that Mr. Jones, when determining the punishment, should not use a legal table, but look with sympathy at the personality of the convicted person. He noted that over the past few months, his client handed over to prosecutors four laptops and six disks of information delivered from Russia, and over two days in March he made contact with investigators who were checking the veracity of his testimony.
The prosecution, however, during this interrogation doubted the veracity and sincerity of the defendant’s testimony and noted that they did not find anything new in the hacker’s revelations. The prosecutor's office believes that Roman Seleznev not only hacked into the computer networks of American restaurants and stores, but also created online instructions for those wishing to use credit card numbers stolen by a criminal group, the leader of which, according to American intelligence services, he was.
Mr. Seleznev sent several letters to Judge Jones in March, which stated his admission of guilt and repentance for the crimes committed. The letter, which appears in the case under serial number 459, is, however, closed at the request of its author. The document contains “sensitive and confidential information,” the non-disclosure of which is in the interests of all parties, lawyer Igor Litvak explained to the court.
It should be noted that while imprisoned in the United States, the Russian defended his associate's degree in criminal law with honors, learned English and attended 15 courses in biblical interpretation. Now Mr. Seleznev intends to continue his studies to obtain a bachelor's degree in business management, court documents say.
Roman Seleznev was detained by US Secret Service agents with the assistance of local police in July 2013 at Male International Airport in the Maldives. Russian authorities claim that Roman Seleznev was kidnapped. Because of Mr. Seleznev’s case, Russia added four US Justice Department employees to its sanctions list.
Russian friends, loved ones and relatives, including his stepmother, asked the court to mitigate the punishment for the repentant hacker. The father of the convicted person, State Duma deputy Valery Seleznev, did not petition the American court on behalf of his eldest son. The deputy yesterday called his son's sentence "a foregone conclusion," noting that he considers him innocent of anything.
Larisa Saenko, New York