Federal authorities said the hacker known as nCuX, Bulba and other online aliases was Russian hacker Roman Seleznev.
Seleznev allegedly was part of a hacking group that targeted restaurants between 2009 and 2011 and stole credit card data from point-of-sale terminals and operating websites to sell the cards, according to a 29-count indictment in the Western District of Washington from 2011, now unsealed. He was recently arrested by the US Secret Service and will remain in custody awaiting trial.
“This scheme involved multiple network intrusions and data thefts for illicit financial gain,” said Julia Pierson, director of the U.S. Secret Service, in a statement. “The adverse impact this individual and other transnational organized criminal groups have on our nation’s financial infrastructure is significant and should not be underestimated.”
Meanwhile, Russian officials are claiming American authorities kidnapped Seleznev and took him to Guam.
The charges in the indictment include five counts of bank fraud, eight counts of intentionally causing damage to a protected computer, eight counts of obtaining information from a protected computer, one count of possession of 15 or more unauthorized access devices, two counts of trafficking unauthorized access devices, and five counts of aggravated identity theft.
The Broadway Grill restaurant in Seattle was specifically mentioned in the indictment as a target of Seleznev. The restaurant closed in April 2013 due to a breach that exposed more than 30,000 credit cards. Other Seattle-area small businesses were affected by Seleznev’s alleged scheme to install malware, including a baker, two pizzerias and an Italian restaurant.
Seleznev also allegedly used malware to steal credit card information from Schlotzsky’s Deli in Idaho, Active Networks in Maryland, Days Jewelry in Maine, Latitude Bar and Grill in New York, Grand Canyon Theatre in Arizona and the Phoenix Zoo.
In a separate indictment out of the District of Nevada, Seleznev was charged with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a racketeer influenced corrupt organization. He was also charged with two counts of possession of 15 or more counterfeit and unauthorized access devices.