An extradited Estonian hacker has pled not guilty to bilking the Royal Bank of Scotland of nine million dollars in a single day by tampering with its payroll debit cards around the world, US officials have said.
Sergei Tsurikov, 26, was extradited from Estonia on charges he and a team of young hackers committed wire and computer fraud and aggravated identity theft, which could land him in jail for up to 35 years and a fine of up to 3.5 million dollars.
The US Justice Department said Tsurikov and his people on November 2008 managed to break into the US-based RBS WorldPay site, which handles payroll debit cards used by various companies to pay their employees, who then can draw their wages from an automated teller machine, or ATM.
Tsurikov and his team raised the account limits and then provided a network of "cashers" with counterfeit payroll debit cards, which were used over a period of 12 hours to withdraw more than nine million dollars from 2,100 ATMs in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada, the department said.
"In just one day, an American credit card processor was hacked in perhaps the most sophisticated and organized computer fraud attack ever conducted," said US Attorney Sally Yates.
After the withdrawals, the hackers allegedly sought to destroy data stored on the card processing network to cover their tracks, let the "cashers" keep 30 to 50 percent of the stolen funds, and had the rest sent them by WebMoney or Western Union, the DoJ said.
In addition to Tsurikov, seven others are equally charged with the crimes. They hail from Russia, Moldavia and Estonia and are all 30 to 35 years old.
"With cooperation from law enforcement partners around the world, and most particularly in Estonia, we have now extradited to Atlanta one of the leaders of this ring," said Yates.
Explore further: Digital dilemma: How will US respond to Sony hack?