Aleksei Burkov, 29, pleaded guilty in the United States to money laundering, device fraud and other crimes after he was caught running an illegal website, called Cardplanet, that sold stolen credit card data.
Burkov had been on the run since 2013 when authorities
identified him as the culprit behind Cardplanet. He took refuge in Egypt, but was
arrested in at Ben-Gurion airport near Tel Aviv in December 2015. After a
lengthy extradition process, he arrived in the United States.
All in all, the stolen credit card data from Cardplanet
was used in purchases totaling over $20 million dollars. Making matters worse, Burkov
had a secondary website called Direct Connection that worked as a gathering
place for cybercriminals, who could advertise their stolen goods, such as personal
identifying information, malicious software or money laundering services.
Members of this exclusive “club” were vetted and had to
meet specific conditions. For example, each new member needed three other
people to vouch for him, and to pay an insurance fee of $5,000.
“Burkov pleaded guilty to access device fraud and
conspiracy to commit computer intrusion, identity theft, wire and access device
fraud, and money laundering, and faces a maximum sentence of fifteen years in
prison when sentenced on May 8. Actual sentences for federal crimes are
typically less than the maximum penalties,” reads the statement
from the US Department of Justice.
Most of the credit card data was stolen in computer
intrusions, and the majority belonged to US citizens. Over a span of five
years, data for more than 150,000 stolen credit card was sold on the website, at
prices as low as $2.50. There was even a refund policy for burned cards,
according to the indictment.