Denis Gennadievich Kulkov, a Russian national, was indicted by the U.S. government today on charges of running a stolen credit card checking business that made them gather in tens of millions of dollars.
Kulkov allegedly made at least $18 million in Bitcoin by creating the underground service Try2Check in 2005. This site quickly gained popularity among hackers engaged in the unlawful credit card trade.
Those part of the buying and selling of stolen credit card information in large quantities used the service, as well as dark web marketplaces like Joker’s Stash, to determine what proportion of the cards they were dealing with were valid and active.
Defendant’s use of the Try2Check platform resulted in losses for cardholders, issuers, and a well-known U.S. payment processing company whose systems were compromised in order to complete the fraudulent card verifications.
On Wednesday, the U.S. government collaborated with German and Austrian partners to shut down the malware distribution platform Try2Check. This operation involved agents from the Austrian Services, the German Authorities, and the French Central Directorate of the Judicial Police (DCPJ).
The DOJ stated today that Try2Check processed tens of millions of credit card checks annually and facilitated the work of major card shops that earned hundreds of millions of dollars in Bitcoin earnings.
The site had undergone at least 16 million checks over a nine-month period in 2018, and the site performed at least 17 million checks over a thirteen-month period beginning in September 2021.
The Transnational Organized Crime Rewards Program (TOCRP) prize of $10 million was announced today by U.S. State Department and U.S. Secret Service for information leading to the arrest of Kulkov, who is currently located in Russia.
U.S. Secret Service agent Denis Gennadievich Kulkov risks 20 years in jail if he is found guilty and convicted. According to U.S. Secret Service Special Agent Patrick J. Freaney, the person named in today’s indictment is accused of running a criminal service with global reach.
Thanks to the hard work of law enforcement agencies worldwide, Try2Check can no longer be used to launder money or facilitate further illegal behavior.
Conclusion
The United States government has unsealed a four-count indictment against the accused Russian operator of a prominent cybercrime service and declared victory. Try2Check was an integral part of the fraud supply chain since it allowed cybercriminals to check the validity of stolen cards they purchased on dark web marketplaces. The US Attorney’s Office estimates that the site has handled tens of millions of cards annually since its inception in 2005 and that it has helped fund carding shops like the iconic Joker’s Stash, which earn hundreds of millions of dollars annually. Hackers Hacked as Underground Carding Site is Breached has further information about these underground locations.
The site handled an influx of card transactions at one point. The website allegedly did at least 17 million checks in the first 13 months commencing in September of 2021. This is up from at least 16 million checks over the preceding nine months in 2018. The websites for Try2Check have been taken down, and the State Department is offering a $10 million reward for information leading to the detention of the guy who is believed to have been behind the operation. Denis Gennadievich Kulkov, a Russian resident known as “Kreenjo,” “Nordex,” and “Nordexin,” is charged with access device fraud, computer penetration, and money laundering in relation to Try2Check. He might spend up to 20 years in prison if he is ever caught and convicted. Kulkov is rumored to have made at least $18 million in bitcoin and possibly more in other digital currencies over the years, which he used to buy a Ferrari and other expensive goods. However, given the current geopolitical climate, it is highly unlikely that the Samara, Russia, resident will be apprehended.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.