Russian POS Hacker Arrested in the Maldives is Son of Russian Parliament Member

The US swooped down and scooped up Roman Valerevich Seleznev, 30, of Vladivostok, who is also know as Track2 and Bulba on Dark Net credit card exchange boards.  Seleznev was evidently vacationing in the Maldives, a popular set of resort islands in the Indian Ocean.  He is responsible for collecting credit card information directly from compromised point of sale (POS) systems, and reselling them on card trader boards on the Internet.  He was indicted in 2011 on:

five counts of bank fraud, eight counts of intentionally causing damage to a protected computer, eight counts of obtaining information from a protected computer, one count of possession of 15 or more unauthorized access devices (stolen credit card numbers), two counts of trafficking in unauthorized access devices and five counts of aggravated identity theft.

He’s also charged in a separate indictment in the District of Nevada with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a racketeer influenced corrupt organization, as well as two counts of possession of 15 or more counterfeit and unauthorized access devices.

Add it up, and the maximum penalties are 97 years in prison and $750,000 in fines.

It turns out his father is a member of the Russian Duma or parliament, and the Russian Foreign Ministry has weighed in against the United States for this arrest.  There is some speculation in Russia and elsewhere that this move is just a prelude to the US offering Seleznev in trade for Edward Snowden.

I initially thought that this arrest may have been related to the Target Christmas POS breach but at this point that connect has not been made in the press or by the government. 

For more depth check out Krebs on Security (July 7) and Sophos (July 9).


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.