Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.https://krebsonsecurity.com/wp-content/uploads/2019/11/burkov-jerusalem-getty.png">MediaAleksei Burkov, seated second from right, attends a hearing in Jerusalem in 2015. Andrei Shirokov / Tass via Getty Images.Burkov, 29, admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts, and to being the founder and administrator of DirectConnection — a closely guarded underground community that attracted some of the world’s most-wanted Russian hackers. He https://www.justice.gov/usao-edva/pr/russian-national-pleads-guilty-running-online-criminal-marketplace">pleaded guilty last week in a Virginia court to access device fraud and conspiracy to commit computer intrusion, identity theft, wire fraud and money laundering.As KrebsOnSecurity noted in https://krebsonsecurity.com/2019/11/why-were-the-russians-so-set-against-this-hacker-being-extradited/">a November 2019 profile of Burkov’s hacker nickname ‘k0pa,’ “a deep dive into the various pseudonyms allegedly used by Burkov suggests this individual may be one of the most connected and skilled malicious hackers ever apprehended by U.S. authorities, and that the Russian government is probably concerned that he simply knows too much.”Membership in the DirectConnection fraud forum was heavily restricted. New members had to be native Russian speakers, provide a $5,000 deposit, and be vouched for by three existing crime forum members. Also, members needed to have a special encryption certificate installed in their Web browser before the forum’s login page would even load.DirectConnection was something of a Who’s Who of major cybercriminals, and many of its most well-known members have likewise been extradited to and prosecuted by the United States. Those include Sergey “Fly” Vovnenko, who was sentenced to 41 months in prison for operating a botnet and stealing login and payment card data. Vovnenko also served as administrator of his own cybercrime forum, which https://krebsonsecurity.com/2019/09/interview-with-the-guy-who-tried-to-frame-me-for-heroin-possession/">he used in 2013 to carry out a plan to have Yours Truly framed for heroin possession.As noted in last year’s profile of Burkov, an early and important member of DirectConnection was a hacker who went by the moniker “aqua” and ran the banking sub-forum on Burkov’s site. In December 2019, The FBI has https://www.fbi.gov/wanted/cyber/maksim-viktorovich-yakubets">offered a $5 million bounty leading to the arrest and conviction of aqua, who’s been identified as Maksim Viktorovich Yakubets. The Justice Department says Yakubets/aqua https://krebsonsecurity.com/2019/12/inside-evil-corp-a-100m-cybercrime-menace/">ran a transnational cybercrime organization called “Evil Corp.” that stole roughly $100 million from victims.https://krebsonsecurity.com/wp-content/uploads/2019/11/jz-dc.png">MediaIn this 2011 screenshot of DirectConnection, we can see the nickname of “aqua,” who ran the “banking” sub-forum on DirectConecttion. Aqua, a.k.a. Maksim V. Yakubets of Russia, now has a $5 million bounty on his head from the FBI.According to a statement of facts in Burkov’s case, the author of the https://krebsonsecurity.com/?s=spyeye&x=0&y=0">infamous SpyEye banking trojan — Aleksandr “Gribodemon” Panin — was personally vouched for by Burkov. Panin was sentenced in 2016 to 24 years in prison.Other top DirectConnection members include convicted credit card fraudsters https://www.wired.com/2010/08/badb…
