A federal grand jury has indicted one Russian and six Eastern Europeans for hacking into the computer system of Atlanta-based RBS WorldPay and stealing, in less than 12 hours, $9.4 million from automated teller machines in 280 cities across the world. 

“This investigation has broken the back of one of the most sophisticated hacking rings in the world,”  Sally Yates, acting U.S. attorney for the Northern District of Georgia, said in a statement.

The  grand jury in Atlanta indicted Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and five Estonians: Sergei Tsurikov, 25, Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33. Another person, identified only as "Hacker 3," was also indicted.

In November 2008, Mr. Pleshchuk, Mr. Tsurikov and Mr. Covelin hacked into the RBS WorldPay computer network, according to the indictment. RBS WorldPay is the U.S. payment processing division of the Royal Bank of Scotland.

The three alleged hackers decoded the encryption on debit cards used by companies to pay their employees. They then allegedly raised the amount of funds available on the cards and issued 44 counterfeit cards to a network of “cashers” who withdrew more than $9.4 million from 2,100 ATMs in Canada, Estonia, Hong Kong, Italy, Japan, Russia, Ukraine and the United States.

The cashers were allowed to keep 30 to 50 percent of the proceeds, returning the remainder of the funds to the hackers, who were monitoring the withdrawals in real time via the RBS WorldPay computer system, according to the indictment.

In a statement, RBS said it is pleased with the indictments and that it is cooperating with the investigation but offered no other comments.

Mr. Tsurikov is in custody in Estonia, but federal prosecutors declined to discuss the status of the other defendants. 

The indictments marked the second federal case in a week involving ATM schemes and Eastern Europeans. On Nov. 9, two Romanians, Romulus Bacian, 40, and Marius Ennache Csapay, 45, pleaded guilty to stealing ATM card account information from hundreds of Washington Mutual customers using “skimming” equipment affixed to ATMs around metro Atlanta.

The skimming device, placed over the normal card reader, recorded the debit card number. At the same time, a small camera installed above the ATM recorded the customer as he or she entered a password.

Using stolen, unactivated American Express gift cards as proxies for debit cards, the men stole an estimated $200,000, according to a U.S. Department of Justice news release.

Ali Raza, executive vice president of Atlanta-based Speer and Associates Inc., a consulting firm for banks and credit card companies, said hacking schemes are getting costlier and more sophisticated.

“Gone are the days of people looking for a carbon copy of a charge card sales slip,” he said. “The stakes are so high, the returns are so high, people are prepared to go to great lengths.”

He noted that in the RBS Worldpay case, hackers allegedly took control of the company computer system.

“RBS is not a tiny organization,” he said. “It’s one of the world’s largest banks.”

As hackers increasingly launch larger operations, banks will have to adjust, said Mr. Raza.

“It demands a whole different level of security and risk management,” he said.

2012 The Agio Press, Inc. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without expressed permission.