Mikhail Shefel, the notorious cybercriminal behind the massive data breaches at Target and Home Depot, has come forward in an exclusive interview with KrebsOnSecurity. This revelation sheds new light on one of the most significant cybersecurity incidents in retail history and exposes the intricate web of Russian cybercrime.
The Hacker Unmasked
Mikhail Shefel, a 38-year-old Moscow resident who recently changed his surname to Lenin, has confirmed his identity as “Rescator,” the alias responsible for selling over 100 million stolen payment cards from Target, Home Depot, and other major retail chains between 2013 and 2015.
Key Revelations
- Collaboration with Dmitri Golubov: Shefel claims that Ukrainian hacker Dmitri Golubov, co-founder of the infamous Carderplanet forum, was the mastermind behind the retail breaches. Shefel’s team allegedly developed the card-stealing malware used in these attacks.
- Financial Gains and Losses: Despite making several hundred thousand dollars from selling stolen cards, Shefel claims he is now broke. He invested his earnings in failed ventures, including a Russian search engine and a click-farm operation.
- Current Legal Troubles: Shefel faces charges in Moscow for operating a ransomware affiliate program called “Sugar” in 2021. His trial is scheduled for November 15, 2024.
Connections to Russian Cybercrime Ecosystem
The interview reveals intricate connections within the Russian cybercrime world:
- Shefel worked as vice president of payments at ChronoPay, a Russian company involved in various online scams.
- He claims his current legal troubles are due to a vendetta by Pyotr “Peter” Vrublevsky, son of ChronoPay’s founder Pavel Vrublevsky.
- Pavel Vrublevsky is currently imprisoned on fraud charges related to SMS payment schemes and alleged connections to the Hydra darknet market.
Implications for Cybersecurity
This interview provides valuable insights into the operations of high-profile cybercriminals and the complex relationships within the Russian hacking community. It highlights the ongoing challenges in combating international cybercrime and the potential for former hackers to face legal consequences even in countries traditionally seen as safe havens.
Conclusion
As financial institutions and regulatory bodies continue to grapple with evolving cyber threats, this revealing interview serves as a stark reminder of the sophisticated networks behind major data breaches. It underscores the need for continued vigilance and international cooperation in cybersecurity efforts.