U.S. Announces Takedown of Global Cyber Theft Ring

The US Justice Department announced indictments Wednesday for 36 people accused of running a transnational ring stealing and selling credit card and personal identity data, causing $530 million in losses.

Thirteen members of the “Infraud Organization” were arrested in the United States, Australia, Britain, France, Italy, Kosovo and Serbia, it said.

Created in Ukraine in 2010 by Svyatoslav Bondarenko, Infraud was a key hub for card fraud, touting itself with the motto “In Fraud We Trust.”

It was “the premier one-stop shop for cybercriminals worldwide,” said Deputy Assistant Attorney General David Rybicki.

Members could buy and sell card and personal data for use to buy goods on the internet, defrauding the card owners, card issuers and vendors.

Infraud operated automated vending sites to make it easy for someone to buy card and identity data from them. It had 10,901 approved “members” registered to buy and sell with them in early 2017, and maintained a rating and feedback system for members. 

The senior administrators continuously screened the products and services of vendors “to ensure quality products,” said the indictment.

The group operated moderated web forums to share advice among customers, and operated an “escrow” service for payments in digital currencies like Bitcoin, the Justice Department said.

“As alleged in the indictment, Infraud operated like a business to facilitate cyberfraud on a global scale,” said Acting Assistant Attorney General John Cronan.

The network of indicted Infraud leaders included people from the United States, France, Britain, Egypt, Pakistan, Kosovo, Serbia, Bangladesh, Canada and Australia.

Bondarenko remains at large, but the number two figure in the organization, Russian co-founder Sergey Medvedev has been arrested, according to US officials.