Two men plead guilty to role in worldwide hacking operation

Share this article:
Lauri Love, a 28-year-old UK man, was arrested at his home Friday.
The men led "cash out" operations for an international scheme.

Two men pleaded guilty in a New Jersey federal court to crimes linking them to an international hacking operation, which attempted to steal at least $15 million from U.S. bank customers.

On Monday, the Robert Dubuc, 40, of Malden, Mass., and Oleg Pidtergerya, 49, of Brooklyn, N.Y., admitted their involvement, the U.S. Department of Justice (DOJ) announced.

Each man pleaded guilty to one count of wire fraud conspiracy and one count of conspiracy to commit access device fraud and identity theft.

According to the DOJ release, Dubuc and Pidtergerya led the “cash out” crews working under a larger, hacking operation, where criminals first hacked the bank accounts of customers of more than a dozen financial organizations worldwide, including JP Morgan Chase, Automatic Data Processing, Citibank and USAA, in order to divert funds to accounts managed by the gang.

Brokerage firms, payroll processing companies, and even government agencies, including the U.S. Department of Defense, were targeted, the Justice Department said.

Dubuc and Pidtergerya managed New York and Massachusetts operations where “cashers” withdrew stolen funds, which were sent to fraudulent bank accounts and pre-paid debit cards opened in other people's names.

“During their guilty plea proceedings, Pidtergerya and Dubuc admitted they were aware fraudulent accounts and cards were created without the consent of the individuals in whose names they were opened,” the release said. “Both men admitted coordinating ATM and bank withdrawals of the stolen funds. In addition they admitted to sending proceeds of the fraud to [alleged co-conspirators] Sharapka and Yanovitsky in Ukraine.”

Pidtergerya and Dubuc are scheduled to be sentenced July  7 and July 8, respectively. They each face a maximum prison sentence of 25 years.

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.