Russian POS Hacker Arrested in the Maldives is Son of Russian Parliament Member

The US swooped down and scooped up Roman Valerevich Seleznev, 30, of Vladivostok, who is also know as Track2 and Bulba on Dark Net credit card exchange boards.  Seleznev was evidently vacationing in the Maldives, a popular set of resort islands in the Indian Ocean.  He is responsible for collecting credit card information directly from compromised point of sale (POS) systems, and reselling them on card trader boards on the Internet.  He was indicted in 2011 on:

five counts of bank fraud, eight counts of intentionally causing damage to a protected computer, eight counts of obtaining information from a protected computer, one count of possession of 15 or more unauthorized access devices (stolen credit card numbers), two counts of trafficking in unauthorized access devices and five counts of aggravated identity theft.

He’s also charged in a separate indictment in the District of Nevada with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a racketeer influenced corrupt organization, as well as two counts of possession of 15 or more counterfeit and unauthorized access devices.

Add it up, and the maximum penalties are 97 years in prison and $750,000 in fines.

It turns out his father is a member of the Russian Duma or parliament, and the Russian Foreign Ministry has weighed in against the United States for this arrest.  There is some speculation in Russia and elsewhere that this move is just a prelude to the US offering Seleznev in trade for Edward Snowden.

I initially thought that this arrest may have been related to the Target Christmas POS breach but at this point that connect has not been made in the press or by the government. 

For more depth check out Krebs on Security (July 7) and Sophos (July 9).


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.