NEW YORK
Federal authorities extradited a Turkish man who was the alleged mastermind of a global cybercrime spree, announced today.
Ercan Findikoglu, a Turkish citizen also known as “Segate,” is accused of organizing three worldwide cyberattacks
The defendant’s organization used sophisticated intrusion techniques to hack into the systems of global financial institutions, steal prepaid debit card data and eliminate withdrawal limits, officials stated.
The stolen card data was then disseminated worldwide and used in making fraudulent ATM withdrawals on a massive scale across the globe, according to authorities.
The charges announced today follow charges previously brought against other members of the organization, including members of a New York City cell charged in May 2013 in connection with their roles in two of the attacks.
The defendant is scheduled to be arraigned today before U.S. Magistrate Judge Lois Bloom.
“Cybercriminals, and especially hackers as this defendant is alleged to be, wreak havoc and steal millions of dollars by breaching our information systems and networks with clicks and keystrokes from the perceived anonymity of their computers at locations all over the globe,” said Acting U.S. Attorney Kelly T. Currie. “However, in doing so they leave traces in digital space that allow law enforcement to identify, apprehend and ultimately hold them accountable for their crimes.”
On Dec. 18, 2013, Findikoglu was arrested in Frankfurt, Germany, and yesterday was extradited to the United States.
The Secret Service investigated this case.
“For the past twenty years, Special Agents assigned to the Secret Service New York Electronic Crimes Task Force have worked closely with our law enforcement partners, the business community and our partners in academia to pursue cybercriminals who have taken aim at our homeland’s financial infrastructure. Today, we recognize our international law enforcement partners who were instrumental in the extradition of Ercan Findikoglu,” said U.S. Secret Service Special Agent in Charge Robert Sica.
Adding, “The significance of this case cannot be understated as Findikoglu is the alleged mastermind behind the global ATM cashout operations which plagued the financial services sector from 2010 until his capture in late 2013. The Secret Service and its international partners remain committed to solving complex financial crimes as well as tracking down and bringing to justice significant cybercriminals who pose a threat to payment systems worldwide.”
The indictment alleges the following facts:
Findikoglu gained unauthorized access to, or “hacked,” the computer networks of at least three payment processors for various types of credit and debit card transactions (the Victim Processors).
He then targeted Visa and MasterCard prepaid debit cards serviced by the Victim Processors, breached the security protocols that enforce withdrawal limits on those cards, and then dramatically increased the account balances on those cards to allow withdrawals far in excess of the legitimate card balances.
Findikoglu allegedly managed a trusted group of co-conspirators who disseminated the stolen debit card information to leaders of “cashing crews” around the world; they, in turn, used the stolen information to conduct tens of thousands of fraudulent ATM withdrawals.
During these operations, Findikoglu allegedly maintained access to the computer networks of the victim processors in order to monitor the withdrawals.
These coordinated, calculated cyberattacks are known in the cyber-underworld as “Unlimited Operations,” because the manipulation of withdrawal limits enables the withdrawal of literally unlimited amounts of cash until the operation is shut down, officials stated.
Cash Withdrawn from Cybercrimes
- In one operation on Feb. 27 and 28, 2011, cashing crews withdrew approximately $10 million through approximately 15,000 fraudulent ATM withdrawals in at least 18 countries.
- In a second operation on Dec. 22, 2012, cashing crews withdrew approximately $5 million through more than 4,500 ATM in approximately 20 countries.
- In a third operation on Feb. 19 and 20, 2013, cashing cells in 24 countries executed approximately 36,000 transactions and withdrew approximately $40 million from ATMs.
- During this third operation, in New York City alone, cashing crews withdrew approximately $2.4 million in nearly 3,000 ATM withdrawals over the course of less than 11 hours.
Once the funds were extracted, Findikoglu and high-ranking members of the conspiracy allegedly received the proceeds from other co-conspirators in various forms, including by wire transfer, electronic currency and the personal delivery of U.S. and foreign currency.
On one occasion, members of a New York City cashing crew transported approximately $100,000 to co-conspirators in Romania, authorities stated.
Findikoglu directed a co-conspirator to destroy evidence of their criminal activities after learning that a member of a New York cashing crew had been arrested, officials allege.