Now it seems that Krebs - after a lot of research - has uncovered yet more evidence that "a notorious rogue online pharmacy and other shady enterprises are apparently controlled by ChronoPay executives and employees."
According to the former Washington Post security journalist, leaked ChronoPay emails show that in August 2010 co-founder Pavel Vrublevsky authorised a payment of 37,350 Russian roubles (about $1,200) for a multi-user license of the MegaPlan intranet service.
The documents, says the researcher, indicate that Vrublevsky used the service to help manage the sprawling projects related to ChronoPay's `black' operations, "including the processing of payments for rogue anti-virus software, violent rape pornography sites, and knockoff prescription drugs sold through hundreds of web sites affiliated with a rogue online pharmacy program Rx-Promotion.com.”
"ChronoPay employees used their MegaPlan accounts to track payment processing issues, order volumes, and advertising partnerships for these black programs", he said, adding that, in a move straight out of the Quentin Tarantino film Reservoir Dogs, the employees adopted nicknames like `Mr. Kink,' `Mr. Heppner,' and `Ms. Nati.'
However, says Krebs, in a classic failure of operational security, many of these individuals had their messages automatically forwarded to their real ChronoPay email accounts.
MegaPlan, he explained, offers an application that makes it simple for clients to create organisational charts, and the account paid for by ChronoPay includes a chart showing the hierarchy and reporting structure of its dark divisions.
The dark empire extends all the way to a number of Russian MP3 download sites, says the security researcher, noting that ChronoPay was the main e-money processor for the infamous AllOfMP3.com web site back in 2006.
This latest batch of research from Krebs effectively shows ChronoPay to be at the heart of an online empire that spans many different companies, including advertising affiliates and the Rx-Promotion pharma site service.
"As I've noted in previous stories about Rx-Promotion, it is one of the few remaining pharmacy programs that sells prescription drugs (no prescription required) that are highly controlled in the US, including addictive painkillers Valium, Percocet, Tramadol, and Oxycodone", he said in his latest security blog.
"I've been eager to write more about this treatise since it was first featured in a New York Times story last month", he said. "In a future blog post, I will discuss the potential impact of the main policy alternative outlined in that paper", he added.
Krebs went on to say that he has been trying to convince a number of card-issuing banks in the US to stop processing payments for a handful of merchant accounts known to be tied to illicit online pharmacies.