In the summer of 2003, a routine investigation for a series of robberies in Manhattan led to unexpected finding. An undercover agent of the New York Police Department followed a young man who behaved suspiciously and observed him for several minutes in the lobby of an ATM. I was extracting money with one card after another, All of them falsifiedtaking advantage of the day change to overcome the daily limits of withdrawal. That scene was just the tip of the iceberg of a much more complex criminal network, as detailed years later the New York Times.
That young man was called Albert Gonzalez, although on the Internet he preferred to hide behind alias as “Soupnazi”. What he did was known in the criminal forums as “Cashing Out”: use cloned cards to get cash before banks could react. His arrest opened the door to an unprecedented operation. The agents discovered that it stored millions of card numbers on their computer and that, in addition to executing fraud, it possessed detailed knowledge about cybercreencrequence techniques.
Gonzalez was not any criminal
The role of this individual in the community of cyber criminals was highlighted: he exercised as a moderator in Shadowcrew, a forum that centralized the exchange of stolen banking data, tools for falsifying cards and advice to exploit vulnerabilities in the financial system. When he was arrested, as NPR points out, He chose to collaborate with the authoritieswhich allowed him to dodge an immediate conviction and become an informant of the Electronic Crimes Unit of the Secret Service. For months, he collaborated in an undercover operation within Shadowcrew and facilitated an international maneuver that culminated in October 2004 with 28 arrested in several countries. The operation, baptized as Firewall, became a reference for cybercrime research.
But the story did not end there. While working for the Government, Gonzalez parallelly built a much more ambitious criminal network. Using various techniques, it accessed internal systems of large American clothing and distribution chains such as TJX (owner of TJ Maxx and Marshalls), Offemax (stationery and office material) or DSW (footwear). Justice data indicate that he and his collaborators stole more than 40 million numbers of credit and debit cards. These intrusions included the installation of “sniffer” programs capable of capturing in real time the data of the cards used in point of sale. The numbers were subsequently encoded on virgin cards and used to remove cash in ATMs.
Arrested in the middle of the Firewall operation
The final jump came with the use of the SQL injection technique, which allowed to remotely access databases from web forms. With her, Gonzalez and her team managed to infiltrate the servers of companies such as Heartland Payment Systems, one of the leading processing processors in the United States. The attack committed the data of millions of transactionsaffecting more than 250 financial entities, and went down in history as the greatest robbery of cards recorded until then. This was detailed by the United States Department of Justice in an official statement issued in 2009. Chains such as 7-Eleven (convenience stores) and Hannaford Brothers (supermarkets) were also affected.
Albert Gonzalez
While collaborating with the day authorities, at night he continued to send stolen databases through contacts in Eastern Europe. He used ghost companies, opaque transfer systems and mules to bleach millions. He even sold committed information to hackers who were being investigated, thus feeding new lines of accusation. Finally, after a series of key arrests and the tracking of an email account linked to their old alias, the agents closed the fence.
He was arrested in 2008 at a Hotel in Miami. Shortly after, he led researchers to a bidon buried at their parents’ house with more than one million dollars in cash. American justice condemned him in 2010 to 20 years and one day in prison for crimes of conspiracy, computer fraud, aggravated identity theft and money laundering. It also imposed two fines of $ 25,000 each, which total a total of $ 50,000, and three years of freedom guarded. The ruling grouped the causes presented in Massachusetts, New Jersey and New York.
Albert Gonzalez, who, according to Podcast Malicionus Life and The New York Times, had come to hack NASA being a teenager and had caught the attention of the FBI, ended up becoming one of the greatest traitors of the hacker ecosystem and a key figure to understand the evolution of cybercrime in the era of electronic commerce. On September 19, 2023, he ceased to be in custody of the Federal Bureau of Prisons, as recorded in the records of the American prison system with the number 25702-050. Since then, his trail has become discreet, as if he tried to definitely move away from his past.
Images | Screen capture | Secret Service (1, 2)
In WorldOfSoftware | Some users are using OPENAI O3 and O4-Mini to find out the location of photos: it is a nightmare for privacy
