Global phishing email suspect to remain jailed until trial
PITTSBURGH (AP) — An Eastern European man charged with running an international email phishing scheme that enabled him and others to steal $25 million from banks and companies worldwide will remain jailed until he faces trial in federal court.
The public defender for Andrey Ghinkul waived his right to a detention hearing on Wednesday before a federal magistrate in Pittsburgh.
Prosecutors asked for detention because they contend Ghinkul, who lives in Moldova but was arrested in Cyprus last summer, was a threat to flee.
Ghinkul's public defender, Thomas Livingston, has a blanket policy of not commenting to the media.
U.S. victims of the Bugat malware, which infected computers of those who opened the phishing emails, lost about $10 million, the FBI said. The charges were filed in Pittsburgh partly because the greatest threats involved a bank and a school district in western Pennsylvania. Worldwide, businesses and others have lost at least $25 million, U.S. Attorney David Hickton said.
An employee of a western Pennsylvania oil and gas drilling firm, Penneco Oil Co. Inc., opened an email that attacked the company's computers and enabled Ghinkul and others to track keystrokes by the company's employees, prosecutors said.
That information helped the hackers move nearly $2.2 million from a Penneco account to a bank in Krasnodar, Russia, in August 2012 and $1.35 million from a Penneco account to a bank in Minsk, Belarus, in September 2012, authorities said. Another attempted transfer of about $76,000 to a Philadelphia bank account failed, the indictment said.
The company figured out it had been hacked when an employee's email went haywire in May 2012, and it contacted the FBI on the advice of its computer consultant.
The company's bank, First Commonwealth, based in Indiana, just northeast of Pittsburgh, restored the stolen funds and is now considered a victim in the case.
The Sharon City School District, about 60 miles northwest of Pittsburgh, also was a victim of the scheme. Hackers tried and failed to transfer $999,000 from one of its bank accounts to an account in Kiev, Ukraine, in December 2011, the indictment said.