Darkmarket: Cyberthieves, Cybercops and You
“Darkmarket is a lively account of how credit card crime is organized on the Internet and an engaging portrayal of some of the characters who are involved. It is a true crime story in the modern age, where young game-playing code cutters have taken the place of bank robbers—and where the information that identifies you is more likely to be stolen than your tangible property.”
Who is ripping you off? It’s probably some kid in another country who is addicted to computer games. The story is in Darkmarket: Cyberthieves, Cybercops and You by Misha Glenny.
Most American households have several credit cards, and in most of those households at least one card has been compromised. That does not mean the card has been subject to actual fraud, but rather that some or all of the information on the card has been stolen and might be used for fraud in the future.
For many years, experts thought that credit card fraud was a well-organized, vertically integrated industry. Stories abounded in the halls of major credit card companies that the Russian mafia had organized crime by specialization.
One group worked on hacking into companies. Another made skimmers (explained below). Some groups manufactured counterfeit cards. Some used the cards to buy things that they could easily fence. Others used them for cash. And still others sold the cards to other criminals.
In turns out that there was no single crime organization that did all these things. The criminals were individuals all over the world, and their connections with each other were organized on the Internet. One such forum for credit card criminals was called Darkmarket.
Misha Glenny is a journalist who has written about the fall of Communism, the Balkans, and global crime organizations. Given our incorrect guesses about how credit card fraud was organized, it seems natural that a reporter who understood crime gangs in the former Soviet bloc would turn to the organization of global crimes involving the payments industry.
But as Mr. Glenny’s fascinating story demonstrates, a new type of criminal is at work, and he (either there aren’t many women involved, or they’re better at not getting caught and we don’t know about them) is most often a loner connected to others across the globe by means of underground, Internet enabled networks.
The Internet sites connect the various elements of crime specialization to each other, provide information on how to commit the crimes, and serve as a marketplace.
It might start with a young self-made engineer such as Nicholas Joehle in Calgary. He was known for manufacturing very effective skimmers, which are small machines that fit over ATMs, so that when you swipe your card and enter your pin the skimmer records all of the information. Other criminals would buy these skimmers on sites like Darkmarket, install them, and steal people’s financial identities.
They would then sell the information to card counterfeiters or to people who would use the identification information to purchase goods on the Internet. (Ever wonder why some high-value items on public auction sites are cheaper than wholesale? They probably didn’t fall off a truck.) And finally, the yeomen of the enterprise would go from ATM to ATM cashing out.
Much of Darkmarket is the story of the site’s administrators who vetted users to make sure that they were not law enforcement. These young men were spread across the world, and most were skilled hackers. They were not so skilled at vetting for law enforcement. It turns out that one of the main players on the Darkmarket site who helped make it a virtual private network was Special Agent Keith J. Mularski of the FBI’s Cyber Division. And so a big part of the story is how police across the globe cooperated to bust the criminals (and another part of the story is how the FBI and the Secret Service failed to cooperate on many issues).
Getting arrested was catastrophic for the criminals, but it was hardly their only problem. Honor among thieves was not a major part of this group’s culture. Many of the sites were put out of business by competitors, especially by the American who went by the name of Max Vision, and whose story is well told in another book, Kingpin. Joehle, the Canadian skimmer manufacturer, was put out of business by someone going by the name of Cha0 in Turkey. As one can imagine happening within a group of young computer geeks with sociopathic tendencies, the inevitable flame wars had real consequences.
The arrest of Darkmarket leaders was a major coup for the good guys, but Darkmarket was by no means the only site connecting credit card criminals. There have been Russian sites, which suffered more from internecine strife than from law enforcement. The Russian government seems to have a hands-off approach so long as the criminals do not rip off Russians, and indeed the government may have secured hackers’ cooperation in massive cyberattacks on Estonia and Georgia (for which the Russian government officially has disavowed responsibility).
The story Mr. Glenny covers briefly touches on a site called CardersMarket (also well-described in Kingpin), which was run by Max Vision (he changed his name from Max Butler shortly before his arrest a few years ago). Vision was caught with nearly two million stolen credit card numbers, most of which he had stolen by hacking into other criminal Internet sites. It was this hacker who shut down many of the sites that competed with his criminal enterprise.
Another hacker and criminal competitor was Albert Gonzalez, who is only briefly mentioned. He was a Secret Service informant who managed to break into the computers of Heartland Payment Systems, Hannaford, 7-Eleven, and TJX. If you used a credit card at TJ Maxx or Marshalls while his sniffer code was in their systems, your number was probably sold on an Internet site.
So while Mr. Glenny’s book is a fascinating story and an important part of the overall picture, it only touches on an element of global credit card crime. It does not explain much about actual mechanics of hacking, counterfeiting, and monetizing stolen numbers.
Indeed, although Darkmarket focuses on skimmers, they probably accounted for only a small part of the credit card information that has been stolen in the past decade. But what the book does describe—the story of how sites like Darkmarket vertically integrated the various specialties in crime—is an interesting and crucial element in the broader picture.
The book also describes the backgrounds of various figures and how trust was established in this international market of criminals who did not know each other. Eventually, this system of trust proved faulty.
The downfall of the organization was its infiltration by law enforcement agencies as well as competition among the thieves. Mr. Glenny is a skilled journalist, who got interviews with many of the characters he describes so well.
The end of Darkmarket did not spell the end of credit card fraud by any means. There is little you can do to prevent the theft of your identity except to check your monthly statements carefully (to see if you were the one who made all of the charges). You are rarely responsible for paying anything if you catch the fraud quickly and report it to the institution that issued your card.
And if you are in the U.S., you can request reports from each of the three major credit reporting agencies once a year at no cost, so if you stagger the requests you can get one for free every four months. Make sure that you are the person who has requested all of the loans and credit accounts on the report.
Darkmarket is a lively account of how credit card crime is organized on the Internet and an engaging portrayal of some of the characters who are involved. It is a true crime story in the modern age, where young game-playing code cutters have taken the place of bank robbers—and where the information that identifies you is more likely to be stolen than your tangible property.