Double deception. How the FBI used Ukrainian hacker Maxim Popov.

Father



On a cold day, January 18, 2001, Maxim Igorevich Popov, a 20-year-old Ukrainian, nervously pushed open the doors of the American Embassy in London. He could have been mistaken for an exchange student who had come for a visa, but in reality Maxim was a hacker, a member of an Eastern European hacker group that attacked American commercial companies and made its money from extortion and fraud. The wave of such attacks seemed to herald a new phase of the Cold War, this one between the United States and organized hacker groups in the former Soviet bloc. Maxim Popov, with his boyish face, glasses and short haircut, was going to be the first defector in this war.

This was preceded by four months of telephone conversations and two preliminary visits to the embassy. Now Popov met with the FBI's assistant legal attache to present his passport and approve the final agreements. Once the formalities were over, he wandered through the winter chill of Grosvenor Square to the hotel room the embassy had rented for him. He opened his laptop, and the hotel minibar, and read his new mail, emptying small bottles of whiskey until he passed out. The next day, January 19, 2001, Popov, accompanied by FBI agents, arrived at the airport and boarded a TWA flight to the United States.

Maxim was nervous, but it was a joyful excitement. He was leaving his parents, his institute and everything familiar, but in the United States he would become more than a dutiful son and student. Popov was a wanted man drawn into an international conspiracy, like a character in one of the cyberpunk novels he loved so much. He would provide services to the government for a hefty fee, using his knowledge of information security, and then launch an Internet startup and make his fortune. Those were the plans.

But when the plane landed, it became clear that the deal worked a little differently. The formerly friendly FBI agents put Maxim in an isolation room and returned an hour later with a federal prosecutor, a lawyer and the terms of a deal that had never been discussed: Popov would become their informant, working seven days a week to lure his accomplices into FBI traps. If he refused, he would go to jail.

Maxim was completely taken aback. He realized that he had been tricked. He was placed under round-the-clock FBI guard in a safe house in Fair Lakes, Virginia, and ordered to communicate with his friends in Russian-language chats while the bureau recorded everything. But Maxim had his own tricks up his sleeve. He only pretended to cooperate, and he used colloquialisms incomprehensible to the Americans to warn his comrades that the US government had taken him into custody. When the agents finally received the translated logs three months later, they were furious. Maxim was immediately moved from the safe house to a cell in a small local jail to face charges for his past cybercrimes. The Ukrainian behaved defiantly: "Go to zh%pu," he said. "You don't know what you're dealing with." But he was scared. Prosecutors from all over the country lined up to take part in the trial. It seemed that nothing could save him from a bleak future of prison cells and endless American courts.

Ernest “E. J.” Hilbert, an agent from the FBI's backwater Santa Ana, California office, thought otherwise. He knew better than anyone that the government needed Popov.

Hilbert realized that the United States was at a crucial stage in the evolution of computer crime. In the 90s, hacking had been a sport, done for fun. But in the 2000s, the first tremors of an impending earthquake came from Eastern Europe. The signs were everywhere if you knew where to look: changes in the types of websites being hacked, the volume of spam and phishing attacks, a surge in credit card fraud after years of steady decline. Hacking was becoming a professional and lucrative activity.

In 2001, Ukrainian and Russian hackers launched the CarderPlanet website, which gave the underground community a new and dangerous advantage: scalability. CarderPlanet operated as a one-stop marketplace for buying and selling credit card numbers, passwords, stolen bank accounts and sensitive data. The site featured paid advertising, an eBay-style rating system and a well-organized forum. For the first time, a novice carder could find everything needed to get started on a single site. Thousands of new users registered.

Hilbert came to the conclusion that he could crack this system. But first, he needed to crack an angry Ukrainian hacker who had already burned the FBI once.

Maxim Popov grew up in the 1,000-year-old city of Zhytomyr, a two-hour drive west of Kiev, at a time when Ukraine was taking its first steps after the collapse of the Soviet Union. He learned computers early, first in high school on clunky Ukrainian-made IBM XT clones called Poisk-1. On his 15th birthday, his father bought him a home computer and a modem, and Maxim went online for the first time.

Raised on cyberpunk science fiction and the 1995 film Hackers, Maxim Popov knew two things from the start. First, he would become an outlaw hacker. Second, he would make money from it. Maxim found plenty of like-minded people on Russian-language forums. In the late 90s, the former Soviet republics were teeming with smart young programmers who had no real career prospects. Carders and hackers started their own dot-com gold rush by stealing credit cards from American online stores.

Popov was not as technically skilled as many of his colleagues, but he had a talent for manipulating people and a good command of English. He began making money by cashing out stolen credit cards, using his near-perfect English to confirm fraudulent orders with American stores over the phone. Business went well for about a year, but the stores gradually grew suspicious of delivery addresses in Eastern Europe, and the scheme dried up.

At the same time, local gangsters found out about Maxim's earnings and began visiting him to extort money. Popov realized that he could apply the extortion model himself, in a more elegant form. He and his friends would hack a company's computers and copy its user database; then Popov himself would contact the company and offer his services as an "information security consultant," so that the breach stayed secret and the database was not published, for an appropriate fee.

In July 2000, they broke into E-Money, a now-defunct electronic payment system based in Washington, and stole the credit card details of 38,000 customers. From the Western Union website, they extracted another 16,000 user records, including names, addresses, passwords and bank card numbers. Popov contacted the companies and offered protection against further hacking, and the destruction of the stolen data, in exchange for a "consulting fee" of $50,000 to $500,000.

But the tactic produced an unpleasant result. E-Money stalled the negotiations while secretly contacting the FBI, and Western Union publicly announced the breach, depriving the hacker of any hope of getting the money. His efforts came to nothing, and the pressure from neighboring gangs was growing. Popov felt trapped in Zhytomyr, surrounded by small-time crooks and threatened with violence. He began to contemplate a bold move: siding with the American police. Maxim thought he could leave Ukraine and pass himself off as a reformed hacker and computer security expert in the land of opportunity.

As a result, he was locked up in a St. Louis jail, near the Western Union offices. At least until Agent Hilbert came for him.

A strict family man, like someone out of a 50s TV show, Hilbert looked exactly the way a federal agent should look, with serious eyes and neatly combed dark hair. At 29, he gave up a career as a high school history teacher to fulfill a long-held dream and wear an FBI badge. From his very first case he was assigned to cybercrime: he tracked down an experienced hacker from the Urals who had broken into the computers of a company in Anaheim, California, and then helped set up a trap to lure the hacker to Seattle, where the FBI could arrest him. Hilbert understood hackers. As a kid in suburban San Diego, he had dabbled in harmless hacking himself under the nickname Idolin, an old word meaning ghost or spirit.

Hilbert knew that Popov, a Russian speaker and an experienced crook, could get into places the FBI could not: underground chat rooms and forums, where he could build relationships with community members and provide the bureau with badly needed evidence and operational intelligence. The trick was to court Popov gently, stroke his ego and show respect for his hacking prowess.

Hilbert discussed the plan with the Los Angeles prosecutor handling the case against Maxim Popov, and soon the two met with the Ukrainian hacker and his lawyers at the St. Louis prosecutor's office. They laid out the terms of the deal. Popov would serve his sentence in Missouri, and the government would consolidate the remaining cases and transfer them to Southern California, where the hacker would work off all the charges by becoming an undercover asset for the FBI.

This time Maxim was not required to betray his friends. His targets would be strangers for whom the hacker had no sympathy. Hilbert called it an intelligence-gathering mission, like in the James Bond movies. "I really respect the skills you have," he said. Popov signed a plea bargain and accepted the government's offer in March 2002. Hilbert had his mole.

Popov couldn't pass up a chance to show off his skills. As soon as he got off the Con Air flight to California, he was sitting at the legal-research computer in the library of the Santa Ana jail. He discovered that the machine was connected to the jail's local network, and in a few keystrokes Maxim sent "profane comments and observations," as the disciplinary report later put it, to the printers in every office. The guards put him face down on the floor, but Popov did not regret it. In jail, even the smallest hack was a breath of fresh air.

The long-awaited relief came in August, when Hilbert and another agent took the hacker out of his cell for his first day on the job. In a procedure that became a daily routine, the prisoner was shackled hand and foot while he was taken to the car. After a short drive, they would open the back door of an office building and lead Maxim into a small room furnished with office furniture and several Windows computers confiscated during an anti-piracy raid. Hilbert would cuff him to a desk in front of a computer with a Cyrillic keyboard. Maxim was ecstatic. Compared to the jail, the gray office looked like a presidential suite. He could do anything here.

The operation was called Ant City. Back online, Popov took on a new identity, started hanging out in underground chat rooms and posting on CarderPlanet, posing as a prominent Ukrainian scammer with a constant need for credit cards. His first major target was one of the top men in CarderPlanet's secret hierarchy: a mysterious Ukrainian hacker known only by the nickname Script. Popov contacted him in early September, and the two began to correspond directly over ICQ. Two weeks later, Popov agreed to buy $400 worth of stolen credit cards. By sending the data to a buyer in California, Script had committed a crime under US jurisdiction. The evidence gathered would later lead to the hacker's detention by the American police, although he would be released six months later [now a deputy of the Verkhovna Rada of Ukraine; translator's note].

Such "controlled purchases" of stolen cards were a key element of Hilbert's strategy: spreading a little money around was an easy way for Popov to establish contacts, and once the cards arrived, Hilbert could trace the source of the leak through the credit card companies. Popov kept making deals and gathering intelligence.

Some days they worked for a few hours, some days for ten. Whatever the hacker's successes, each day ended the same way: Hilbert went home to his family, and Popov to a dirty jail cell. But one day, on Thanksgiving, the federal agent surprised his charge. When Popov arrived at work, he saw a projector on the table, aimed at the wall. Hilbert tapped a couple of buttons on his laptop, and the opening credits of The Lord of the Rings: The Fellowship of the Ring, which had just been released on DVD, appeared on the screen.

For lunch, Hilbert brought real holiday food: stuffed turkey with cranberry sauce and sweet potatoes, and even pumpkin pie. Maxim was touched that Hilbert had chosen to spend part of the holiday with him rather than with his own family.

Agent Hilbert was so pleased with Popov's success that he bought him Thanksgiving dinner and brought in a projector to show him The Lord of the Rings.

Word of the Ant City operation spread through the bureau, and over time Hilbert began receiving requests from other FBI offices to investigate specific hacks. The biggest one came in February 2003: 8 million customer bank cards were stolen from the payment processor Data Processors International (DPI). Popov started asking about DPI on the forums, and one of his acquaintances, a 21-year-old Russian student using the nickname RES, said he knew the three hackers who had carried out the attack.

Popov boldly declared that he wanted to buy all 8 million cards for $200,000, but first he wanted a small sample. The sample would let Hilbert confirm that the cards really came from DPI's computers. But RES only laughed at the offer. Popov's relatively modest past purchases gave no indication that he had two hundred thousand dollars.

Hilbert came up with a solution. Maxim was dressed in street clothes and escorted by FBI agents to a nearby bank that had agreed to cooperate. Bank employees took $200,000 in hundred-dollar bills out of the vault and laid it on a table. Hilbert removed Maxim's handcuffs and recorded a short video of him shuffling the wads of cash.

"Look, I'm showing you bablos," Popov said in Russian. "It's real fucking money, no bullshit. I'll put it in my own account." He took a bill out of the wad and held it close to the camera: "All the fucking watermarks, all the shit is here." He tossed the bill disdainfully on the table. "So call the lads and let's fucking solve the case!"

The video satisfied the Russians. Establishing the identity of RES turned out to be even easier. Popov mentioned that he had earned some of his money working for Hermes-Plast, a company that manufactured plastic cards. Expecting that the Russian hacker would try to get a job there himself, he passed along a link to the company's website and the email address of its supposed boss, Anatoly Feldman.

RES sent his CV to Feldman's address the same day, along with a scanned copy of his Russian passport.

Of course, Hermes-Plast was a fictitious company that Hilbert and Popov had set up. The FBI now knew RES's real name, date of birth and address. This surprisingly simple trick worked again and again. One thing Popov always knew about Eastern European hackers: they always need a job.

After eight months of working for the bureau, on April 8, 2003, Maxim Popov was taken out of the Santa Ana jail and escorted to court for sentencing. At the government's request, federal Judge David Carter sentenced him to time served and three years of supervised release. The judge immediately ordered all records of the verdict sealed.

Twenty-eight months after he boarded a plane to the United States, Maxim Popov was finally free, in the middle of California's Orange County, 13 kilometers from Disneyland and on the other side of the planet from his native Zhytomyr. His immigration status was unclear. Maxim had no green card or social security number, so he could not get a legal job in America or a driver's license. Hilbert arranged for the FBI to rent him an apartment near the beach and pay him a thousand-dollar-a-month "stipend" for his part in Operation Ant City. But Popov never got used to suburban life in the heat, among the freeways and shopping malls. One day in July, he was standing at a bus stop near the probation office when a drunk local approached him, acting aggressively and swearing. Maxim Popov hit him lightly, but the man lost consciousness and sprawled on the sidewalk. In a panic, Maxim called the FBI, already imagining that he would be sent back to jail. He decided that if he got out of this, he would go home.

Judge Carter gave Popov permission to visit Ukraine, on condition that he return to California by August 18 to serve out the remainder of his three years of supervised release. Hilbert drove him to the airport and said goodbye, knowing he would never see him again.

Operation Ant City was over. Hilbert estimates that about 400,000 stolen credit cards were identified on the black market during that time, and more than 700 companies were warned that they had been breached by hackers from Eastern Europe. Ten suspects were charged, including Script, but none was extradited.

Hilbert kept in touch with Popov after his return home. Popov started his own business, a company called Cybercrime Monitoring Systems (Cycmos). As Popov himself describes it, the company monitors underground markets and sells intelligence to companies that are about to be attacked or already have been. Hilbert confirmed that this was true. Apparently, Maxim Popov had started applying the skills he learned during Operation Ant City to his business. Out of old friendship, he also sent Hilbert a steady stream of leads and information.

On New Year's Eve 2004, Hilbert's cell phone rang. "Hey, you know what?" It was Popov, in his smooth, pleasant accent. "There's something new here." He explained that it was a big hack. And, tellingly, this time the victim was not some company, but the FBI itself.

Popov had been following a hacker group that specialized in the pre-Internet X.25 network protocol, used in the early packet-switched public networks of the 70s and 80s. By 2004, X.25 was as outdated as Betamax next to VHS, but the old networks were still kept running for backward compatibility at thousands of corporations and government agencies around the world.

The Russian hackers were digging through these ancient networks, and one day they came across something interesting. They had penetrated the network of an AT&T data center in New Jersey that hosted, under contract, the mail servers of a number of US government agencies. One of them was the FBI, which gave the Russians access to the correspondence of every agent with an fbi.gov email address.

Hilbert hung up and immediately called his supervisor. He was soon on a plane to Washington to lead the investigation. Hilbert got the FBI to allocate $10,000 to pay for Cycmos's services: retrieving any material stolen from the FBI's servers and identifying the hackers involved. Popov handed over two documents that he said had been taken from FBI mailboxes: an 11-page dossier on one of the CarderPlanet administrators, known by the nickname King Arthur, and spreadsheets listing the cybercrime targets of the FBI and the Secret Service, broken down by jurisdiction.

The target list was six months old and marked "Law Enforcement Sensitive" and "Do not transmit over the Internet." For the underground, it was potentially a gold mine, because the documents contained the nicknames, and in some cases the real names, of more than 100 hackers targeted by the US government, with cursory notes like "priority target" or "currently cooperating with the government." The White House was briefed on the leak, which raised the stakes even higher. Hilbert asked Popov for more.

Maxim started digging. He pointed Hilbert to an underground chat room where the leader of the X.25 group could be found. Soon Hilbert himself was chatting with Leonid Sokolov, a student at St. Petersburg University. In the conversation, Sokolov confirmed the break-in at the AT&T data center and the theft of the documents. Hilbert had what he wanted. It was the biggest case of his career.

"Bablos is real!" Popov said in the video shot for the Russian hacker. "So call the lads and let's fucking solve the case!"

But it was not without unpleasant incidents. On February 10, 2005, Hilbert was summoned to FBI headquarters. Five of his superiors were sitting in the conference room, and an angry federal prosecutor was shouting over the speakerphone.

It turned out that the victims of the X.25 group included several corporations, and Maxim Popov had approached them offering his help. One of the victims was EMC, the multibillion-dollar Boston company from which the hackers had stolen the source code of the popular virtualization software VMware. If the source code were made public, hackers from all over the world could comb through it for vulnerabilities. VMware is used to isolate virtual machines from one another on a single server, so in the worst case an attacker could exploit a bug in the software to escape the isolated environment of one VM and gain access to the host server and every other virtual machine on it.

Using his standard business alias, "Denis Pinhaus," Popov contacted EMC and warned them of the breach. For the right price, he promised to keep the source code from being published and to help with the technical investigation of the intrusion. As before, Popov gave EMC the name and contact details of an FBI agent who could vouch for him: Ernest Hilbert.

EMC, apparently, took this as an extortion attempt and reported it to the Boston prosecutor's office. The complaint landed on the desk of Stephen Heymann, a hard-nosed prosecutor. He specialized in computer crime, and later became infamous for his harassment of Internet activist Aaron Swartz, whom he eventually drove to suicide.

Now Heymann was on the speakerphone demanding an answer: who is Pinhaus? Hilbert explained that Pinhaus was an FBI asset who was helping with an urgent investigation. "I need this guy right now," he said. Heymann was unmoved. He insisted that charges be brought against the Ukrainian and that his extradition be sought. He demanded that Hilbert give up Pinhaus's real name.

Hilbert refused. Heymann was free to open a criminal case against Pinhaus under his pseudonym and request his real name from the FBI through official channels. But he would not get it from Hilbert.

Such a refusal was unacceptable to a prosecutor from Boston, a city that still remembered the dirtiest FBI informant scandal of all. Prosecutors there had jailed a former FBI agent who had spent decades covering for a killer and South Boston gang boss in exchange for his work as an informant. "This is another Whitey Bulger case!" the prosecutor snarled.

Hilbert's superiors ordered him out of the room. He went to his computer and messaged Popov to stay away from EMC. "Drop it, okay?" Hilbert recalls writing. "It's important. Everyone is studying this situation. You need to quit."

Hilbert returned to the AT&T case. Sokolov was charged in a sealed proceeding in New Jersey, and a secret Interpol Red Notice was issued for his arrest the moment he left Russia and entered a country with an extradition treaty with the United States. Popov received his fee and an official letter of thanks from the FBI, which he could post on his website: "We express our appreciation for the assistance provided."

The whole affair remained buried in the dark depths of FBI history. The only public mention of the FBI breach was a 2005 article in Newsweek, and the bureau downplayed the incident, saying that no important information had been stolen.

Hilbert's argument with the Boston prosecutor had almost faded from his mind. But four months later, the bureau suddenly ordered him to cut off all contact with Popov and hand over more than 600 pages of logs covering 18 months of online correspondence. Shortly afterwards, he was transferred from the cybercrime squad to counterterrorism.

Hilbert threw himself into the new job, but eventually noticed something strange. He was passed over for every promotion, and agents he had known for decades stopped talking to him. In August 2006, he applied for a chief's position in the Los Angeles division. When word of his application reached headquarters, Hilbert was suddenly removed from the list of candidates and told not to reapply. "What the hell is going on?" Hilbert asked his superior. Only then did he learn what everyone around him already knew: he was under investigation. For the past year, the Justice Department's Office of the Inspector General had been investigating him on charges of fraud and conspiracy against the government, as well as leaking confidential law enforcement information: the warning he had sent Popov about EMC.

Hilbert was devastated. He had always wanted to work for the FBI, but an open investigation would put a ceiling on his career, and he had two kids at home and a third on the way. He began quietly looking for work in the private sector, and in February 2007 he walked into the chief's office, handed over his weapon and ID card, and quit. That one extraordinary investigation ended his eight-year FBI career.

Hilbert was doing well in his new job as a consultant when Popov called him again, out of the blue. More than six years had passed since their last conversation, and this time Popov had no business offer and no valuable information. Only gratitude.

"He called to say thank you for the way I treated him and for my time in prison and how it was all done," Hilbert told me over lunch at an Orange County family restaurant in early 2013. "Now he has come home and changed his life, he has a family now, and he owes me everything he has. Those are his words."

Popov's call only stirred up Hilbert's lingering feeling that the government had treated him unfairly. Even after his resignation, the Inspector General's office continued to investigate him, once even sending agents to Hilbert's workplace to question him. The investigation was not dropped until 2009, when the Justice Department formally declined to press charges.

In conversation with me, Maxim Popov at first told the same story as Hilbert. But over time, a subtext emerged. Popov harbored a personal grudge against EMC over that episode. The fact is that by the time Hilbert contacted him, he had already struck a deal with EMC.

It turned out that at the same time as it was complaining to the prosecutor, EMC Corporation secretly made a deal with Popov in 2005, he says: it paid him $30,000 up front and promised another $40,000 in four installments over four years, provided the stolen VMware code never became public. He kept his end of the bargain. The code was not published, and the fact that the corporation's most valuable asset was in the hands of foreign hackers remained unknown to the company's shareholders and customers.

Four years later, he contacted EMC to ask for the balance of the $70,000, but the company refused to pay, he says (EMC representatives declined to comment). By then, EMC had spun VMware off as a separate business. To Popov, it looked as if they were pretending that nothing had happened.

Hilbert went into the chief's office, handed in his gun and ID card, and quit; his eight-year career with the FBI was over.

The obvious disrespect hurt Maxim, and he wanted revenge. Popov created a new identity, Hardcore Charlie, a hacktivist from the Anonymous movement. On April 23, 2012, almost eight years after the theft, the first 520 lines of VMware source code were posted publicly.

Despite the age of the source code, news of the leak caused a stir in the computer world and put VMware's offices in Palo Alto on alert. The 2004 hack had long since faded from corporate memory, and some of the stolen kernel code was still in use in the latest version of the product. Security director Iain Mulholland, a former British Army officer, launched a massive damage-control operation and hired every auditor he could find to look for vulnerabilities in the kernel code. Just 10 days later, the company released the first of many security updates patching the holes they found. By the time Popov posted a larger chunk of code in November 2012, all the critical vulnerabilities had been fixed.

Such actions hardly fit the profile of an ordinary information security consultant. When I pressed Maxim a little, he finally admitted the obvious: the hacking of EMC and of the FBI's mail servers was no random attack by an unrelated hacker.

"Technically, we did it," Maxim told me in a late-night phone call.

Sokolov, the St. Petersburg student who was charged by the FBI and placed on Interpol's wanted list, had worked with Popov from the very beginning, squeezing money out of victims after the X.25 hacks. "He's the best of the best," Popov said. When they broke into AT&T's data center, Popov figured that the telecommunications giant would readily pay $150,000 to learn the details of the breach and protect its government contracts. Only when AT&T backed out of the deal did Popov call Hilbert and tell him about the hack, hoping that the FBI would pay for the information.

Having made the deal with Hilbert, Popov persuaded Sokolov to talk to the agent in a chat so that he could "solve" the crime. Popov says Hilbert himself was not part of the conspiracy. "I think he suspected something, actually," Popov says. "But it wasn't so obvious then."

I could not confirm whether Hilbert suspected anything, because by the time Popov confessed, Hilbert had stopped communicating with me: revealing the whole Ant City story could damage his new career as director of computer security and data protection at PricewaterhouseCoopers, the largest consulting and auditing firm.

For his part, Popov, now 35, seems both cocky and tired. He does not regret hacking the FBI. But his cockiness fades a little when I ask what role his duplicity played in ruining Hilbert's FBI career.

Popov still remembers Thanksgiving 2002, the turkey and The Lord of the Rings.

"He was my only friend," Popov says of Hilbert. "I still love him, even if he's a little distant from me because of my new business. I'm still a blackhat, and I always have been. But who cares? I still love him."

In the years since Operation Ant City, the Eastern European underground has come a long way and grown to enormous scale. The Target and Home Depot breaches leaked nearly 100 million debit and credit cards in 2013 and 2014. The Russian-made banking Trojan ZeuS pushed online banking theft to its highest level in 10 years. Worms and botnets, ransomware that encrypts files and demands payment in bitcoins, even a complex insider-trading scheme with $100 million in damages: all of it is tied to hackers from the former Soviet republics. As usual, scale is everything. A Russian hacker doesn't break into a bank to steal some money. He builds a software package that automates bank hacking and sells it on underground forums for $3,000 a copy. His clients, the actual thieves, hire spammers to spread the malware and money mules to launder the proceeds. Everyone has a specialty. Everyone gets paid.

Hilbert's work with Popov was the first attempt to get inside that world, although in many ways it was just a new twist on traditional law enforcement tactics. When a federal agency confronts a powerful criminal machine, it invariably tries to sabotage it from within. To do that, the agency must itself become a working part of the very criminal mechanism it hopes to destroy. This tactic always threatens a delicate balance, and Operation Ant City was not the last time it backfired. Soon afterwards, in another case, Secret Service informant Albert Gonzalez conspired with Russian hackers to steal 160 million credit cards and cause hundreds of millions of dollars in damage before being caught and sentenced to 20 years in prison in 2010. The prosecutor in that case, Assistant US Attorney Heymann, had asked for 25 years.

Some operations end in arrests and awards, others in silence and confusion. The only constant is the Eastern European underground, which grinds through any obstacle in its path like a machine, tirelessly and indifferently, mostly just in search of paid work.

Original author: Kevin Poulsen
 