At the top of the cybercrime “race,” the hacker nicknamed Hieupc was making $125,000 a month providing identity theft services.
Ngo Minh Hieu, born in 1989 in Gia Lai and nicknamed Hieupc, has just been released in the United States after more than 7 years in prison. He recounted his path into the underworld to cybercrime journalist Brian Krebs of KrebsOnSecurity, hoping to warn others not to follow in his footsteps.
For a few years, beginning in 2010, Hieu operated one of the most profitable services on the Internet related to the sale of “fullz” – records containing hundreds of thousands of stolen identities, such as usernames, dates of birth, social security numbers, emails and addresses. Cybercriminals buy this information to commit fraud, forge the victim’s bank cards …
By the time Hieu was arrested by the United States Secret Service in 2013, the young hacker had made more than $3 million selling data to many organized crime groups in the United States.
In February 2013, Agent Matt O’Neill arranged to draw Hieu out of Vietnam to Guam, where he was arrested and brought to the United States. O’Neill said he opened the investigation after reading the article “How much is your identity worth?”, posted in 2011 on KrebsOnSecurity, which mentions Hieu’s website. Hieupc is not well known, but the information he sold enabled a host of other cybercriminals to commit credit fraud and steal from accounts, with losses estimated at $1 billion.
“I don’t know of any cybercriminal who has caused more financial harm to Americans than Ngo,” O’Neill said. “He sold the personal information of more than 200 million Americans and allowed anyone to buy it for a few pieces of silver.”
The beginning
Hieu’s family owns an electronics store. When he was 12, his parents bought him a computer. At 19, he went to study in New Zealand, and by then he was the administrator of various hacker forums on the dark web.
During his studies, Hieu discovered a hole in the school’s computer network that exposed payment card information. “I contacted the school technician to fix the bug, but no one cared, so I hacked the whole system. Then I used this vulnerability to hack other websites and stole a lot of credit card information,” Hieu said.
He decided to use the data to buy concert and event tickets … and then resell them on the TradeMe auction site in New Zealand. The school eventually discovered Hieu’s behavior and reported it to the police. His visa was not renewed when the first semester ended.
Hieu went back to study in Vietnam, but he still spent most of his time on criminal forums.
“From viewing hacking as fun, I turned to hacking for profit when I saw how easy it was to make money stealing customer data. I connected with some friends on underworld forums around the world and planned a new criminal campaign,” Hieu shared. “My friends said it was dangerous to get credit cards and bank account information, so I started thinking about selling identity data. At first I thought it was just information, maybe it was not bad because it is not directly related to the bank account. But I was wrong, and the money I made came so fast that it blurred my vision.”
MicroBilt
Hieu’s first big target was MicroBilt, a credit reporting company in New Jersey (USA). “I infiltrated their platform, I stole user databases. I operated on that system for almost a year without anyone knowing,” Hieu said.
After gaining access to MicroBilt, he created a website, Superget, which sold individual user profiles. When a customer requested information on a particular state or group of users, the data was looked up manually.
“I tried to collect a lot of files at once, but the internet speed in Vietnam was very slow at the time. I couldn’t download all of them because the database was too big, so whenever anyone needed something I had to look for that information in the system,” Hieu said.
Then he discovered how to use more powerful servers in the US to automatically collect large amounts of data from MicroBilt and other data companies.
“Our database is updated daily with information on 99% of Americans, more than any other site on the Internet,” Hieu’s website announced. Each piece of information, such as a social security number or date of birth, sold for $3.
The MicroBilt hack was eventually discovered and the company kicked Hieu out of the system. However, he soon returned thanks to another defect.
Court Ventures and Experian
The cat and mouse game with MicroBilt continued until Hieu found a more compelling source of user data: an American company called Court Ventures, which compiled public records from court documents. Hieu was interested not in the data collected by Court Ventures but in its data-sharing agreement with the data broker US Info Search, which gave access to more sensitive user profiles.
Using fake documents and a few tricks, Hieu convinced Court Ventures that he was a private investigator in the US. “Initially, when I checked in, they asked me for some documents to verify, so I used some skills to get through security,” Hieu said.
In March 2012, Court Ventures was acquired by Experian, one of the leading consumer credit institutions in the US. “The database is controlled by Experian and I pay Experian thousands of dollars a month,” Hieu said.
O’Neill said he wasn’t sure whether Experian reviewed the accounts it took over from Court Ventures, but the anomaly in Hieu’s account was not hard to see. He typically paid for customer data requests by transfers from many different bank accounts, all of them new and most of them in China, Malaysia and Singapore.
According to O’Neill, Hieu’s website performed tens of thousands of inquiries per month. For example, the first invoice that Court Ventures sent to Hieu in December 2010 was for 60,000 inquiries. When Experian acquired the company two years later, Hieu’s service had attracted more than 1,400 regular customers with 160,000 monthly inquiries.
More importantly, Hieu made a lot of money on each inquiry: Court Ventures charged him $0.14, but he charged the client $1.
O’Neill and the US Secret Service also began to pay attention to Hieu’s activities and discovered some emails that Hieu had sent to his accomplices, instructing them how to pay Experian by transferring money from Asian banks.
FLOOR
Working with the Secret Service, Experian quickly erased information and closed Hieu’s accounts. Seizing the opportunity, the United States Secret Service tried to contact Hieu through an intermediary in the United Kingdom: a well-known cybercriminal who had been convicted and had agreed to cooperate with investigators. This person told Hieu that he himself had blocked Hieu’s accounts at Experian because Hieu was interfering with his data business.
“You’re walking on my lawn so I have to lock you up. But if you give me a percentage, you will still have access,” the person said. Under the direction of the US Secret Service and UK authorities, the criminal requested a meeting to negotiate face-to-face. But Hieu didn’t bite.
Instead, he turned to another data source. As with Court Ventures, Hieu opened an account at TLO, a brokerage firm that sells access to confidential information on most Americans to law enforcement agencies in the US and to a few experts who can demonstrate that they have a legitimate reason to access such data. Before long, Hieu was using the TLO data to restore his semi-anonymous service.
Blurred vision for money
In 2012, Hieu earned more than $3 million from his data business, as well as from deals with three Russian-language cybercrime shops. He told his parents that he made money developing business websites, and even used a portion of the money to pay off his family’s debt. However, most of it was spent on traveling, buying cars and other frivolous things.
When TLO blocked Hieu’s account, the US Secret Service seized the same opportunity as before. The criminal in England told Hieu that he had kicked him out of the TLO system and would keep doing so until they met to establish a partnership. After a few months of discussion, Hieu finally agreed to meet this person in Guam, because he did not believe it was a trap set by the American investigators.
“I was so desperate for a stable database that I was blinded by greed and acted without thinking. A lot of people advised me not to go, but I told them I had to prove what was going on,” Hieu said.
As soon as he got off the plane in Guam, US agents approached Hieu and arrested him. A month later, he was allowed to call his family to explain his situation. He was detained for two months on Guam, then sent back to New Jersey, where he admitted that he had infiltrated MicroBilt and other systems.
The US Secret Service had difficulty determining the exact extent of the financial loss, but it estimates that Hieu’s service helped cybercriminals exploit American identities to defraud retail banks and American chain stores of approximately $1.1 billion.
O’Neill said he spoke to some of Hieu’s clients. They admitted that buying identity data is much more efficient than buying stolen payment card information. Card data can only be used once or twice before it is disabled, while identity data can be used over and over again for many years.
“When I ran the service, I didn’t really care about the consequences because I didn’t know who my customers were and what they did with that data,” Hieu said. “But during the trial, the federal court received around 13,000 complaints from victims, telling how they lost their homes, lost their jobs, and could no longer afford to buy a house or maintain their finances, just because of me. It made me realize that I am a bad boy.”
When Hieu was incarcerated in Texas, an officer there told him a story about a friend of hers whose identity was stolen and who then lost everything. “I don’t know if that person is one of my victims, but the story makes me regret it,” Hieu admitted.
Hieupc hopes to one day work in cybersecurity, but he is not ready yet and wants to spend time with his family. In the long term, he hopes to help young people stay away from cybercrime.
Bye an (according to KrebsOnSecurity)