Aleksei Burkov, 29, pleaded guilty in the United States to money laundering, device fraud and other crimes after he was caught running an illegal website, called Cardplanet, that sold stolen credit card data.
Burkov had been on the run since 2013 when authorities identified him as the culprit behind Cardplanet. He took refuge in Egypt, but was arrested in at Ben-Gurion airport near Tel Aviv in December 2015. After a lengthy extradition process, he arrived in the United States.
All in all, the stolen credit card data from Cardplanet was used in purchases totaling over $20 million dollars. Making matters worse, Burkov had a secondary website called Direct Connection that worked as a gathering place for cybercriminals, who could advertise their stolen goods, such as personal identifying information, malicious software or money laundering services.
Members of this exclusive “club” were vetted and had to meet specific conditions. For example, each new member needed three other people to vouch for him, and to pay an insurance fee of $5,000.
“Burkov pleaded guilty to access device fraud and conspiracy to commit computer intrusion, identity theft, wire and access device fraud, and money laundering, and faces a maximum sentence of fifteen years in prison when sentenced on May 8. Actual sentences for federal crimes are typically less than the maximum penalties,” reads the statement from the US Department of Justice.
Most of the credit card data was stolen in computer intrusions, and the majority belonged to US citizens. Over a span of five years, data for more than 150,000 stolen credit card was sold on the website, at prices as low as $2.50. There was even a refund policy for burned cards, according to the indictment.