Vladuz arrested?
This just hot off the press:
eBay Applauds Romanian and U.S. Law Enforcement for Arrest of Alleged Cyber-criminal, Vladuz.
Another kudos to eBay. I hope it is true and not just another PR stunt be eBay in the wake of it’s share price decline that followed eBay’s Q1 earnings statement today.
But back to these exciting news… remember Vladuz? He was the Romanian hacker who hacked thousands of eBay seller accounts and injected ongoing legitimate auctions with his “zudalv” (vladuz spelled backwords) signature just to prove to his audience, whoever they may have been that he CAN hack eBay and further sales of his eBay scamming warez to his fellow eBay scammers who are less proficient in phish coding.
A good snapshot of Vladuz articles in the news over the past year can be found in The Register by Dan Goodin. You can read related articles on the bottom of that linked page.
It will be interesting to watch if further news on Vladuz background, details of his arrest and some trial tid bits resurface. Perhaps we can get confirmation of some of our own theories.
Apparently the original articles (in Romanian) about the capture of Vlad were published early this morning, one of them by Antena3 and according to bits of info gathered from the article, Vladuz’s real name is Vlad Constantin Duiculescu , trying to translate this article on the basis of several other languages I speak, my rough translation would be that they report this 20 year old hacker specialized in creating phishing programs to extract eBay user’s logins, passwords, PINS, credit card number and was a head of outfit that made $2,000,000 in the period from 2005 through 2007. He was finally apprehended this morning and while the law enforcement entered his building, he managed to throw 3 laptops out of his window in an effort to destroy any evidence on those hard drives. —disclaimer— I do not speak Romanian, I only speak Italian, Spanish, Russian, Czech and English and this translation may be completely off base — end of disclaimer —
This article (also in Romanian) in Gardianul appears to offer quite detailed information on the activities of this Vlad character.
Anyone with Romanian language skills? If you can provide a translation of this article please post it into comments here - any interesting bits and pieces of info are appreciated. Thank you!
Update 4-19-2008 We have translation of the articles under the comments area of this section. As more news details becomes available we will update this section.
Here is a Vladuz arrest Video from TVR (romanian TV)
Here is a
police video from Vladduz’s appartment
Here is another police video on Vladuz from Romanian Antena3 TV
We have additional translations of media articles from past couple of days:
The Directorate for the Investigation of Organized Crime and Terrorism has accused a person of having illegally accessed multiple email accounts belonging to employees of eBay. The accused, by the name of Vlad Constantin Duiceulescu, cost the company over two million dollars between 2005 and 2007. As of 5 April 2007, Duiculescu is accused under penal code 16/1/2003 for illegally accessing a computer system, illegally modifying information, and restricting access etc etc.
On 19 April 2005, the United States Secret Service … something about him trying to sell data.
Personal data, such as credit card numbers, expiration dates, PIN numbers, names… etc
The police were able to identify Vladuz by IP address, and at 5:00 AM entered his apartment by force. Trying to avoid compromising evidence, the young man threw three laptops out the window.
The authorities collected the pieces of the computers to reassemble them, in the hopes of recovering the data.
….
Magistrates of the Bucharest court issued a 29-day preventive arrest warrant for Vlad D, the Romanian hacker called the “Cyberspace Terrorist.” He was retained under the accusation that he stole two million dollars from the accounts of the online commerce site, eBay.
Put under surveillance three years ago by the Secret Service, Vlad is (the) Romanian who at just 17 years of age succeeded in (?) officials of an entire company. He operated under the name “Vladuz”, illegally accessing accounts of many eBay users between 2005-2007. Sought by the American authorities, the hacker was caught after he tried to sell to employees of eBay the program which he had used to hack the site. Company officials sought the assistance of the FBI.
Prosecutors state that the young thief stole identification information of eBay employees. (Untranslated sentence). The last attack was in March 2007. In the last two years, the international press named him the “Cyberspace Terrorist.” The Americans knew he was in Romania, but did not know exactly who he was. Prosecturs succeeded in identifying him and learned he was a 20-year-old youth from the town of Drumul Taberei.
(Not sure, think it says they filed charges against him a year ago). He faces 15 years in prison for committing computer crimes. The case is not unique. The Italian and American press have reported for years about a multitude of Internet crimes in which Romanian citizens are implicated. The value of the reported crimes has risen to over one million Euros.
….
New detail: laptops were thrown from the 5th floor.
Later in the article, it talks about a login spoofing kit he developed. They were looking at 274 possible spoofing sites initially, and narrowed it to 7 (not sure why).
If I understand correctly, eBay helped in the capture by having an employee secretly contact Vladuz to buy one of his site spoofing kits, and after they got down to payment details as to where to send the money, contacted the Secret Service. and this helped track him to the apartment in Bucharest.
They mention 1.2 million in losses related to the compromised accounts from the phishing.
He was advertising phishing sites for sale, and they give a list of email contact addresses he was using.
Later, Vladuz had several Skype conversations with an eBay employee, and through this was able to hijack two employee accounts and was able to access the internal servers remotely (so we’d not be talking about eBay logins, but probably a VPN, or Virtual Private Network so employees could work from home)
Sounds like he tried to get eBay to employ him or pay him on some level related to the remote access… typical young hacker stuff, I bust into your computers, please hire me as your security consultant. (Language is getting a little technical here).
He then posted some information that cost eBay $500,000 in damage control.
They then mention one more employee account accessed, and 1,111 eBay accounts accessed.
BIG THANKS TO EBAY MEMBER WHO PROVIDED THIS TRANSLATION HERE
http://forums.ebay.com/db2/thread.jspa?threadID=2000554111&start=0
l
Comment by admin — April 19, 2008 @ 6:11 am