Tech

Turkish mastermind of $55m ATM card hacking spree pleads guilty

Ercan Findikoglu has admitted his role in three cyberattacks which netted a criminal gang $55 million in a matter of hours.

Written by Charlie Osborne, Contributing Writer March 3, 2016 at 4:04 a.m. PT

A Turkish man has been charged and has pleaded guilty to a string of cyberattacks which resulted in the loss of $55 million through withdrawals made through compromised card payment processors and prepaid cards.

Ercan Findikoglu, also known under the aliases "Segate," "Predator," and "Oreon," pleaded guilty to a number of cybercrime-related offences in a complex operation which involved money mules withdrawing millions of dollars from ATMs through compromised prepaid debit cards across the globe.

The 34-year-old Turkish national is being charged with computer intrusion conspiracy, access device fraud conspiracy, and effecting transactions with unauthorized access devices for his leadership role in organizing and carrying out three cyberattacks between 2011 and 2013, the Eastern District of New York announced on Tuesday.

According to the prosecutors, Findikoglu was one of the main perpetrators in a string of crimes which focused on breaking into credit and debit card processing companies, stealing data for prepaid debit cards and removing the withdrawal limits for these cards.

Once armed with this information, Findikoglu and his team took control of network administrator accounts at the payment processing companies and lifted the PIN numbers of compromised debit cards, before handing this information over to mules and cybercriminals.

The credit and debit cards were then used to make fraudulent cash withdrawals at ATMs worldwide.

In a matter of hours on February 27 and 28, 2011, the cybercriminals made withdrawals reaching a total of approximately $10 million at 15,000 ATMs spread across a minimum of 18 countries.

The second strike took place on December 22, 2012, when $5 million from 4,500 ATMs in 20 countries was stolen.

In the third and final operation on February 19 and 20 in 2013, crews in 24 countries made roughly 36,000 withdrawals from ATMs, cashing in by a staggering $40 million.

"During this third operation, in New York City alone, the crews withdrew approximately $2.4 million in nearly 3,000 ATM withdrawals over the course of less than 11 hours," US prosecutors say.

Security

In total, approximately $55 million was stolen from financial institutions.

According to the Washington Times, Findikoglu avoided US law enforcement for years before being caught by German authorities in 2013. After unsuccessfully fighting efforts to extradite him, the Turkish national initially entered a "not guilty" plea.

However, in court on Tuesday, Findikoglu admitted that he worked with others to "target prepaid debit-card accounts [..] and increase the account balances of those prepaid debit-card accounts so that co-conspirators could use the compromised accounts to withdraw currency."

United States Attorney Robert Capers commented:

"By hacking into the computer networks of global financial institutions, the defendant and his co-conspirators were able to wreak havoc with the worldwide financial system by simultaneously withdrawing tens of millions of dollars.
Today's guilty plea by a leader of these massive cyberattacks demonstrates this office's commitment to pursue those who use the perceived safety and anonymity of their computers to steal from innocent victims."

Findikoglu faces up to 57 years and six months in prison.

The guilty plea is the latest step in US law enforcement's takedown of the cybercriminal group. In 2013, dozens of members of a New York-based cybercriminal gang were charged in 2013 in connection to two of the cyberattacks.