The author of the FastPOS malware that affected point-of-sale (POS) systems has pled guilty to RICO charges in the US. Valerian Chiochiu, aka “Onassis,” “Flagler,” “Socrate,” and “Eclessiastes,” 30, is a national of the Republic of Moldova. The court documents claim he was resident in the US when he wrote and distributed the software. He is the second member of the Infraud gang to plead guilty in the last month.
“Over the course of seven years, Infraud and its alleged conspirators created a sophisticated cybercriminal racketeering scheme that victimized individuals, merchants, and financial institutions to the tune of over half a billion dollars in losses,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division.
“The Justice Department is committed to unmasking cyber criminals and their criminal organizations that use the internet for fraudulent schemes.”
What was FastPOS?
FastPOS was a piece of malware first identified in 2016 that infected point-of-sale systems. It got its name from the speed with which it exfiltrated stolen data. Rather than batching the data and sending it in one larger transaction, it stole the data in real time. This enabled the attackers to quickly exploit the card data stolen from the victim.
Trend Micro, which first detected FastPOS, believes it was deliberately designed to affect smaller retailers. These are less likely to have complex security processes or even dedicated IT staff. As such, a simple phishing attack against the company would be enough to get the malware installed.
The US Department of Justice says that FastPOS made over US$568 million while active.
Who were Infraud?
The US Department of Justice (DoJ) describes Infraud as: “an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband.”
Infraud operated from 2010 to 2018 and, at one point in 2017, had over 10,901 registered members. In February 2018 the US DoJ shut down Infraud. As a result, it indicted 36 individuals for their involvement with Infraud.
Last month, Sergey Medvedev, co-founder of Infraud, pled guilty to his role in Infraud. His co-founder, Svyatoslav Bondarenko, remains at large.
Enterprise Times: What does this mean?
Like many complex cybercrime cases, this one shows how long it can take between the takedown of a criminal organisation and sending people to jail. It also shows how many people continue to evade justice despite being named and put on criminal watchlists.