Threat Management

Easily guessed password led to downfall of Russian cybercriminal’s empire, DOJ officials say

The fate of convicted Russian hacker Roman Seleznev was all but sealed after federal authorities were able to easily gain access to his confiscated laptop containing incriminating information, according to U.S. Department of Justice officials who spoke at Black Hat on Wednesday.

When Seleznev was arrested in 2014 while vacationing in the Maldives, "law enforcement was able to grab his laptop, his iPhone, his passport, [and] his travel documents, said Harold Chun, trial attorney with the DOJ Criminal Division's Computer Crime and Intellectual Property Section (CCIPS). "And what these things did was confirm all of the attribution that had been gleaned throughout the investigation year and year."

While probing this seized evidence, authorities noticed Seleznev's email account repeatedly made reference to the term "Ochko," which Chun said is the Russian term for "butthole." (Note that Google Translate was not especially helpful in confirming this.)

Looking to access Seleznev's password-protected laptop, investigators quickly tried "Ochko123" as a password and immediately gained access. On that computer, authorities found 1.7 million stolen credit card numbers, as well as webpages that Seleznev set up to teach people how to use stolen card numbers. "This is basically, more or less, a slam dunk," said Chun, noting that the sensitive laptop files weren't even encrypted.

At trial, Seleznev's legal team attempted to argue that an actor – perhaps the U.S. government – framed him by hacking his computer. To disprove this theory, said Chun, the DOJ called in its computer forensics experts, who used Microsoft Windows artifacts to show that the last person to use the laptop was logged in on a Wi-Fi network owned by the very Maldives resort where Seleznev was vacationing.

In April 2017, Seleznev was sentenced to 27 years in prison, after being found guilty on 38 counts stemming from his history of hacking into point-of-sale computers in order to steal credit card numbers and sell them on the online underground. According to the DOJ, Seleznev defrauded victims of more than $169 million.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.