CIO

Aussie named in $678M cyber fraud ring investigation

The so-called Infraud Organisation is alleged to be responsible for over US$530 million in losses

An Australian man has been named by United States authorities as one of 36 people to be charged for their alleged roles in the so-called Infraud Organisation, which is alleged to be responsible for over US$530 million (A$678 million) in losses from cyber crime.

A federal indictment was unsealed on 7 February, charging the individuals for their alleged roles in the Infraud ring. Among them was Edgar Rojas aka “Edgar Andres Viloria Rojas,” aka “Guapo,” aka “Guapo1988,” aka “Onlyshop,” a 27-year-old from Australia.

US authorities describe the Infraud Organisation as an internet-based cyber criminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband.

Following the indictment by a US grand jury alleging racketeering conspiracy and other crimes, federal, state, local, and international law enforcement authorities arrested 13 people from the US and six other countries, including Australia, the United Kingdom, France, Italy, Kosovo and Serbia.

The Australian Federal Police (AFP) was among dozens of international law enforcement agencies to take part in the investigation.

According to the US indictment, the Infraud Organisation was allegedly created in October 2010 by Svyatoslav Bondarenko aka “Obnon,” aka “Rector,” aka “Helkern,” from Ukraine, with the alleged intention to build the organisation as the “premier destination” for carding -- purchasing retail items with counterfeit or stolen credit card information -- on the internet.

According to US authorities, the organisation allegedly directed traffic and potential purchasers to the automated vending sites of its members, which served as online conduits to traffic in stolen means of identification, stolen financial and banking information, malware, and other illicit goods.

“As alleged in the indictment, Infraud operated like a business to facilitate cyber fraud on a global scale.  Its members allegedly caused more than US$530 million in actual losses to consumers, businesses, and financial institutions alike -- and it is alleged that the losses they intended to cause amounted to more than US$2.2 billion,” the US Justice Department Criminal Division’s Acting Assistant Attorney General, John Cronan, said.