Two members of an international cybercrime operation have pleaded guilty in federal court in New Jersey to their roles in an identity theft and fraud scheme that attempted to steal at least $15 million.
Robert Dubuc, 40, of Malden, Mass. – who was in court April 1 – and Oleg Pidtergerya, 49, of Brooklyn, N.Y. – who was in court March 31 – each pleaded guilty to one count of wire fraud conspiracy and one count of conspiracy to commit access device fraud and identity theft.
The duo were part of a scheme that targeted more than a dozen banks, brokerage firms, payroll processing companies and government agencies throughout the United States, according to the U.S. Department of Justice.
According to authorities, the two men were recruited by the leaders of the operation to “cash-out” bank accounts and prepaid debit cards opened in the names of others. Oleksiy Sharapka, 33, of Kiev, Ukraine, allegedly directed the conspiracy with the help of Leonid Yanovitsky, 39, also of Kiev. Pidtergerya led a cash-out crew in New York for Sharapka and Yanovitsky, while Dubuc controlled a cash-out crew in Massachusetts for the organization.
As part of the scheme, hackers first gained access to the bank accounts of customers for more than a dozen global financial institutions and businesses, including Citibank, E-Trade and JP Morgan Chase Bank. After obtaining unauthorized access to the accounts, Sharapka and Yanovitsky stole money from them and put it on prepaid debit cards and in bank accounts they controlled.
The next step was to have the “cashers” withdraw the stolen funds from the fraudulent accounts. This was done in a number of ways, including by making ATM withdrawals and fraudulent purchases in New York, Massachusetts, Illinois and Georgia. Both Sharapka and Yanovitsky are under indictment but remain at large.
As part of their guilty pleas, Pidtergerya and Dubuc admitted they knew about the fraudulent cards and coordinated ATM and bank withdrawals of the stolen funds. In addition, they admitted to sending proceeds of the fraud to Sharapka and Yanovitsky in Ukraine.
The wire fraud conspiracy count carries a maximum penalty of 20 years in prison, while the conspiracy to commit access device fraud and identity theft charge carries a maximum sentence of five years in prison. Each count also carries a maximum $250,000 fine, or twice the gross gain or loss from the offense.
Sentencing is scheduled for July 7 for Pidtergerya and July 8 for Dubuc.
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
- Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals
- Apple Denies Helping US Government Hack Russian iPhones
