Russian charged in largest cybercrime ring ever prosecuted in US pleads not guilty
Dmitriy Smilianets is accused of being a member of a team which stole credit card information, costing affected companies more than $300 million
A Russian man accused of being part of the largest cybercrime ring ever prosecuted in the United States pleaded not guilty on Monday to charges that could send him to prison for decades.
His attorney told Reuters that he would fight the charges and that he was looking into possible irregularities with the circumstances of his arrest last year in the Netherlands.
Smilianets wore an orange prison jumpsuit and stood with shackled hands and feet during the appearance with lawyer Bruce Provda before U.S. District Judge Jerome Simandle.
Smilianets is accused of conspiring with a team of hackers from Russia and the Ukraine to steal more than 160 million credit card numbers in a series of breaches that cost victim companies more than $300 million.
The companies infiltrated included financial firms such as NASDAQ and Heartland Payment Systems Inc, along with other well-known names including JetBlue Airways Corp and retailer J.C. Penney Co of Plano, Texas.
Prosecutors allege Smilianets sold the stolen data after it was taken by four other members of his team, including credit card data starting at $10 for an American number and $50 for a European number.
Smilianets was extradited to the United States in September 2012 and has remained in federal custody since. In Russia, he was most widely known as the founder of a championship electronic gaming team called Moscow 5, which traveled the world for competitions. Online, his handles included Dima Brave and Dima Bold.
If convicted, he faces up to 30 years for conspiracy to commit wire fraud, another 30 years for wire fraud and five years each for gaining unauthorized access to computers and conspiracy to gain access.
Also arrested in the Netherlands was Vladimir Drinkman, who remains there fighting extradition. Amid a general worsening of relations with Russia exacerbated by intelligence agency leaker Edward Snowden's flight there, prosecutors last month also unsealed an indictment against another alleged member of the ring still free in that country, Alexandr Kalinin.
Authorities have been pursuing the hackers for years. Many of the breaches were previously reported, though it appeared the one involving Nasdaq OMX Group Inc was disclosed for the first time in July.
Prosecutors said each of the defendants had specialized tasks: Drinkman and Alexandr Kalinin hacked into networks, while Roman Kotov, 32, mined them for data. They allegedly hid their activities using anonymous web-hosting services provided by Mikhail Rytikov, 26, of Ukraine.
Rytikov has not been arrested, but an attorney for him, Arkady Bukh, attended Monday's hearing. Bukh said his client did not know Smilianets.
According to prosecutors, the five men hid their efforts by disabling victims' anti-virus software and storing data on multiple hacking platforms, prosecutors said. They sold payment card numbers to resellers, who then resold them on online forums or to "cashers" who encode the numbers onto blank plastic cards.
The indictment cited Albert Gonzalez as a co-conspirator. Gonzalez is already serving 20 years in prison after pleading guilty to helping mastermind one of the schemes.
Prosecutors say the defendants worked with Gonzalez before his arrest in Miami, then continued on a crime spree after his capture.
Kalinin and Drinkman were previously charged in New Jersey as "Hacker 1" and "Hacker 2" in a 2009 indictment charging Gonzalez in connection with five breaches.
The NASDAQ breach did not include the trading platform that allows NASDAQ customers to buy and sell securities, prosecutors said. Officials with NASDAQ declined to comment.
An official briefed on that incident said the group wasn't able to get any money from their NASDAQ access.
Other victims included Dow Jones, Wet Seal Inc and 7-Eleven Inc, according to prosecutors.
Dow Jones said in a statement that there was "no evidence" that information of Dow Jones or Wall Street Journal customers information was compromised as a result of the breaches.