Related Links

Top 5 Stories


SOCA and the FBI takedown 36 AVC websites

27 April 2012

In a joint exercise between between multiple law enforcement agencies, 36 websites associated with an e-commerce platform known as an automated vending cart (AVC) used to sell stolen credit cards were taken down on Wednesday.

“Laws,” said Adrian Davis of the ISF at Infosecurity Europe, “shouldn’t be national – they should be international. Why are we using a 20th century model for a 21st century problem?” Even as he spoke, international law enforcement was demonstrating its own new grasp on this 21st century problem problem: a joint exercise between SOCA in the UK, the FBI and DoJ in the US, Germany’s BKA, the KLPD in the Netherlands, the Australian Federal Police, the Romanian National Police and the Ukraine Ministry of Internal Affairs all collaborated and cooperated in taking down 36 different websites associated with selling stolen credit card details.

“The seizures are the result of Operation Wreaking hAVoC, an FBI and Justice Department operation targeting the sale of stolen credit card numbers via the Internet,” announced the Federal Bureau of Investigation yesterday. “36 website domains, used to sell compromised card data, have been taken down following a day of action on Wednesday to target online criminals by SOCA... The sites, identified by SOCA as specialising in selling stolen payment card and online bank account details...” announced SOCA on the same day. But whoever owned the operation, the result is clear: “We should all be grateful that the authorities are taking action against those who are turning cybercrime into such a significant underground industry,” said Graham Cluley of Sophos.

It is the sheer scale of the criminality and the extent of the international cooperation that makes this operation so noteworthy. “No single law enforcement agency can fight cyber crime on its own,” said FBI Acting Executive Assistant Director Kevin Perkins, “and the FBI is proud to be a part of such an outstanding effort by all of the participating agencies.”

SOCA gave more details. Thirty-six websites were taken down, 2.5 million items of compromised personal and financial information were recovered, and potential fraud worth an estimated £500million was prevented. SOCA also announced that several computers were seized, two persons suspected of being large-scale customers were arrested, and “an AVC operator based in Macedonia has been arrested by the Macedonian Ministry of Interior Cyber Crime Unit.”

“Just as all of Lulzsec was arrested,” commented Rob Rachwald of Imperva, “now a network of carder sites is paralyzed. And this approach makes sense since it can help eliminate a swath of criminal activity while potentially scaring others from filling the void.” When international law enforcement can cooperate to this extent, one could say that the writing is on the wall for cybercriminals. The writing on their websites now reads: “If you registered this domain name, or otherwise claim an ownership interest in this domain name, you should consult an attorney about your rights.”

This article is featured in:
Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×