Six people were detained in Russia yesterday, reportedly as part of a hacking gang that stole and sold stolen credit cards. According to Russian media, the arrests were made at the request of Russian Federation Ministry of Internal Affairs investigators.
“The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against six people suspected of committing a crime under part 2 of article 187 of the Criminal Code of the Russian Federation (“Illegal circulation of means of payment”),” as stated by press court clerk Ksenia Rozina to TASS Russian News Agency.
According to Article 187 of The Criminal Code Of The Russian Federation, “The making of counterfeit credit or debit cards, and also of other payment documents, which are not securities, with the purpose of their utterance or their sale.” Russian law enforcement had not identified the detained individuals’ suspected hacking organizations.
However, in probably related news, three carding forums/marketplaces devoted to the theft and sale of stolen credit cards suddenly flashed seizure letters purporting to be from the Russian authorities. It has also been established that the websites for SkyFraud, Ferum, and Trump’s Dumps have been seized by Management “K” of the BSTM of the Ministry of Internal Affairs of Russia.
While these seizure notices specify the same Russian Criminal Code crime as the six people arrested today, it is unclear whether the notifications are genuine or linked. Security researcher Soufiane Tahiri also identified a secret message for other Russian hackers in the source code for the sky-fraud.ru seizure notice, which reads “КТО ИЗ ВАС СЛЕДУЮЩИЙ?” The English version of this warning is – “WHICH OF YOU IS NEXT?”
These are the Russian authorities’ third hacker gang to be apprehended since 2022. Russia seized $6 million in January and detained fourteen people linked to REvil, a renowned ransomware organization responsible for several intrusions worldwide. Russia also detained the leader of the Infraud Organization, a hacking gang that caused more than $560 million in damages to businesses throughout the world, at the end of the month.
This wave of arrests by Russia is remarkable since the country has a history of refusing to cooperate in the fight against cybercrime within its borders. However, following the ransomware attacks on Colonial Pipeline and Kaseya by DarkSide and REvil, the White House and Russian authorities have sought to improve collaboration to stop the growing tide of Russian cyber efforts.