To the casual observer, there was little to distinguish the Java Bean Internet cafe in Wembley, north London, from the hundreds of others dotted around the British capital. But to surveillance officers staking it out month after month, this unremarkable venue was the key to busting a remarkable and sophisticated network of cyber criminals.
From the bank of computers inside, a former pizza bar worker ran an international cyber “supermarket” selling stolen credit card and account details costing the banking industry tens of millions of pounds.
Renukanth Subramaniam, 33, was revealed on Jan. 14 as the founder and a major “orchestrator” of the secret DarkMarket Web site, where elite fraudsters bought and sold personal data, after it was infiltrated by the FBI and the US Secret Service.
Membership was strictly by invitation. But once vetted, its 2,000 vendors and buyers traded everything from card details, obtained through hacking, phishing and ATM skimming devices, to viruses with which buyers could extort money by threatening company Web sites.
The top English language cybercrime site in the world, it offered online tutorials in account takeovers, credit card deception and money laundering. Equipment — including false ATM and pin machines and everything needed to set up a credit card factory — was available.
It even featured breaking-news-style updates on the latest compromised material available, while criminals could buy banner adverts to promote their wares.
So vast was its reach, with members in the UK, Canada, US, Russia, Turkey, Germany and France, the UK’s Serious Organised Crime Agency (SOCA), which helped bust it, said it was “impossible” to put a figure on how much it cost banks worldwide.
Subramaniam, who used the online nickname JiLsi, was remanded in custody at his own request at Blackfriars crown court in London yesterday after pleading guilty to conspiracy to defraud and five counts of furnishing false information. Judge John Hillen said it was “inevitable” he faced a “substantial custodial sentence.”
A British citizen, Subramaniam was a former member of ShadowCrew, DarkMarket’s forerunner, which was uncovered by the US Secret Service in 2004.
“JiLsi was one of the highest in cybercrime in this country with what he managed to achieve setting up a forum globally. No JiLsi, no DarkMarket,” one Soca investigator said.
Its 2,000 members never met in real life. Quality, not quantity, was the key. DarkMarket was fastidious in banning “rippers” who would cheat other criminals. Honor among thieves was paramount.
It operated an “escrow” service, with payments and goods exchanged through a third party — “like a PayPal for criminals,” the judge said, and an arbitration service resolved disputes. To keep off the radar, the rules were strict: no firearms, drugs or counterfeit currency.
Built on a pyramid structure, administrators decided who joined, moderators ran specific site sections and reviewers vetted wannabes — each demanding 5 percent, or £250 (US$405) per transaction, as a fixer’s fee.
To get on, criminals had to present details of 100 compromised cards free of charge — 50 to one reviewer, 50 to another. Reviewers would test the cards and write an online review of customer satisfaction — just like eBay customers.
“If the cards did what they were supposed to, and if they got the money, they would be recommended. If not they weren’t allowed in,” the investigator said.
Payment was via accounts on WebMoney, or E-Gold.
“It was the QuickTime method of paying, sending money anywhere in the world,” the investigator said.
Subramaniam was one of the top administrators. He kept his operating system on memory sticks. But when one was stolen, costing him £100,000 in losses and compromising the site’s security, he was downgraded to reviewer. Surveillance officers caught him logging on to the Web site as JiLsi unaware the fellow criminal MasterSplyntr he was talking to was, in fact, an FBI agent called Keith Mularski.
Considerable money was exchanged, though transactions took place away from the site for security reasons. One buyer spent £250,000 on stolen personal information in just six weeks.
Described as “a very quiet man,” Subramaniam worked in low profile jobs at Pizza Hut and as a dispatch courier.
“He owned three houses but was largely itinerant ... never staying in one place for long,” said Sharon Lemon, Soca deputy director.
He is charged alongside John McHugh, 66, or “Devilman,” also a reviewer who has pleaded guilty to conspiracy to defraud and at whose Doncaster home a credit card-making factory was found. The two will be sentenced later. But for investigators, the battle against cyber fraud continues.
“This was one of the top 10 sites in the world, but there are more than 100 we know of globally, and another 100 we don’t yet know of,” the investigator said.
A cyber crime price list
Trusted vendors on DarkMarket offered a smorgasbord of personal data, viruses and card-cloning kits at knockdown prices. Going rates were:
— Dumps Data from magnetic stripes on batches of 10 cards. Standard cards: US$50; Gold/platinum: US$80; Corporate: US$180.
— Card verification values. Information needed for online transactions. US$3 to US$10 depending on quality.
— Full information/change of billing Information needed for opening or taking over account details. US$150 for account with US$10,000 balance. US$300 for one with US$20,000 balance.
— Skimmer Device to read card data. Up to US$7,000.
— Bank logins. Two percent of available balance.
— Hire of botnet Software robots used in spam attacks. US$50 a day.
— Credit card images. Both sides of card. US$30 each.
— Embossed card blanks US$50 each.
The recent passing of Taiwanese actress Barbie Hsu (徐熙媛), known to many as “Big S,” due to influenza-induced pneumonia at just 48 years old is a devastating reminder that the flu is not just a seasonal nuisance — it is a serious and potentially fatal illness. Hsu, a beloved actress and cultural icon who shaped the memories of many growing up in Taiwan, should not have died from a preventable disease. Yet her death is part of a larger trend that Taiwan has ignored for too long — our collective underestimation of the flu and our low uptake of the
For Taipei, last year was a particularly dangerous period, with China stepping up coercive pressures on Taiwan amid signs of US President Joe Biden’s cognitive decline, which eventually led his Democratic Party to force him to abandon his re-election campaign. The political drift in the US bred uncertainty in Taiwan and elsewhere in the Indo-Pacific region about American strategic commitment and resolve. With America deeply involved in the wars in Ukraine and the Middle East, the last thing Washington wanted was a Taiwan Strait contingency, which is why Biden invested in personal diplomacy with China’s dictator Xi Jinping (習近平). The return of
Actress Barbie Hsu (徐熙媛), known affectionately as “Big S,” recently passed away from pneumonia caused by the flu. The Mandarin word for the flu — which translates to “epidemic cold” in English — is misleading. Although the flu tends to spread rapidly and shares similar symptoms with the common cold, its name easily leads people to underestimate its dangers and delay seeking medical treatment. The flu is an acute viral respiratory illness, and there are vaccines to prevent its spread and strengthen immunity. This being the case, the Mandarin word for “influenza” used in Taiwan should be renamed from the misleading
Following a YouTuber’s warning that tens of thousands of Taiwanese have Chinese IDs, the government launched a nationwide probe and announced that it has revoked the Republic of China (Taiwan) citizenship of three Taiwanese who have Chinese IDs. Taiwanese rapper Pa Chiung (八炯) and YouTuber Chen Po-yuan (陳柏源) in December last year released a documentary showing conversations with Chinese “united front” related agency members and warned that there were 100,000 Taiwanese holding Chinese IDs. In the video, a Taiwanese named Lin Jincheng (林金城), who is wanted for fraud in Taiwan and has become the head of the Taiwan Youth Entrepreneurship Park