Outlaw Tech (2017–…): Season 1, Episode 6 - World's Smartest Thief - full transcript
A Brilliant thief uses a few high tech-gadgets to steal a priceless treasure from a heavily guard palace.
Narrator:
BIG-BOX STORES ARE NO MATCH
FOR A GIFTED 21st-CENTURY HACKER
ON A SHOPPING SPREE
FOR CREDIT-CARD NUMBERS.
Elfrink: FOR THIEVES TRYING
TO GET CREDIT-CARD INFORMATION
FROM A BIG COMPANY, THIS WAS AN
ABSOLUTELY GENIUS NEW TECHNIQUE.
Narrator: CAREER CRIMINALS
FUSE OLD-FASHIONED KNOW-HOW
AND ENGINEERING EXPERTISE
TO MAKE OFF
WITH OVER $75 MILLION
WORTH OF DRUGS.
Sferrazza: IT WAS THE LARGEST
PHARMACEUTICAL THEFT
IN THE HISTORY
OF THE UNITED STATES.
Narrator: AND A CREDIT-CARD
SKIMMER ALLOWS THIEVES TO STEAL
SO MUCH GAS,
THE RESULTS CAN BE DEADLY.
Man: THEIR CARGO MAKES THEM
HIGHLY COMBUSTIBLE,
SO THEY CAN IGNITE ALL AT ONCE.
[ EXPLOSION ]
Narrator: TECHNOLOGY...
IT'S A NEW, WIDE-OPEN WILD WEST
WITH ENDLESS POSSIBILITIES.
FROM HIGH-TECH HEISTS
TO REAL-LIFE HACKS
TO THE REACHES OF CYBERSPACE,
TECHNOLOGY IS THE LATEST WEAPON
IN THE WAR BETWEEN
MODERN-DAY CROOKS
AND CUTTING-EDGE COPS.
IN THE WRONG HANDS,
TECHNOLOGY CAN BE CRIMINAL.
ONE EARLY VERSION
OF THE INTERNET
WAS DEVELOPED BY
THE U.S. DEPARTMENT OF DEFENSE
IN THE 1960s.
BY THE 1980s, IT WAS NO LONGER
A MILITARY TOOL,
AND ADVANCES IN COMPUTING
TECHNOLOGY PAVED THE WAY
FOR THE WORLD WIDE WEB.
FAST-FORWARD A DECADE,
AND THE INTERNET
HAS TRANSFORMED
THE FACE OF BANKING AND RETAIL,
WITH CREDIT-CARD
AND OTHER FINANCIAL INFORMATION
TRAVELING ACROSS THE WEB
AT LIGHTNING SPEED.
AS THE INTERNET BECOMES
MORE ACCESSIBLE,
INEVITABLY, CYBER CRIME IS BORN.
IN 1995, A MAJOR
U.S. GOVERNMENTAL AGENCY
IS HACKED BY A 14-YEAR-OLD
NAMED ALBERT GONZALEZ.
Elfrink: HE HAD IN HIS SPARE TIME,
UNBEKNOWNST TO HIS PARENTS
OR ANYONE ELSE,
HACKED INTO NASA'S MAINFRAME,
NOT FOR ANY PARTICULAR REASON...
JUST TO SHOW HE COULD DO IT,
AS SORT OF, YOU KNOW,
SOMETHING A REBEL KID MIGHT DO.
Hilbert:
IT WAS TRACKED BACK TO HIM.
HE WAS APPROACHED BY THE FBI,
AND HE WAS ASKED IN ESSENCE
WHAT WAS HE DOING.
Narrator:
WHAT HE'S DOING
IS TESTING
THE SYSTEM AND TESTING HIMSELF.
Elfrink:
ALBERT GONZALEZ WAS REALLY
YOUR TYPICAL BLUE-COLLAR KID
IN MIAMI.
HE GOT HIS FIRST PC
WHEN HE WAS 12.
HE WOULD TAKE IT APART
IN HIS BEDROOM
AND PUT IT BACK TOGETHER.
IT WAS EVIDENT THAT HE HAD
A REBEL STREAK.
HE WAS ONLY 14 YEARS OLD
THE FIRST TIME
THE FBI PAID HIM A VISIT.
HE WAS JUST A KID, SO THEY SAID,
"YOU KNOW, LOOK,
WE DON'T WANT TO CHARGE YOU
WITH A CRIME IN THIS CASE.
IF YOU HELP US UNDERSTAND
HOW YOU GOT INTO NASA,
WE'LL LET THIS THING GO."
Hilbert: THEY OFFERED HIM
AN OPPORTUNITY TO HELP
WITH THE IDEA THAT
THAT WOULD MAYBE REFORM HIM,
GET HIM ON THE RIGHT PATH
DOWN THE ROAD.
Elfrink:
HE DIDN'T REFORM.
HE WENT RIGHT BACK
TO DOING WHAT HE'D ALWAYS DONE,
AND THAT REALLY SET UP
THE PATTERN
FOR HOW'D HE BEHAVE
THE REST OF HIS LIFE.
Narrator: EVEN THOUGH
HE'S BEEN WARNED BY THE FBI,
ALBERT DOESN'T STOP HACKING.
TO HIDE HIS IDENTITY,
HE USES AN ALIAS.
FOR AS FAR AS I CAN REMEMBER,
HACKERS HAVE USED PSEUDONYMS.
THEY USE NICKNAMES.
IT'S PART OF YOUR IDENTITY.
IT IS SORT OF PROTECTION.
OBVIOUSLY, IF YOU'RE GONNA BE
BREAKING THE LAW,
YOU DON'T WANT TO GET ONLINE
WITH YOUR REAL NAME.
ALBERT ACTUALLY WENT BY
THE NICKNAME OF "SOUPNAZI."
SO AS HE TRAVELED THE INTERNET,
AS HE EXPLORED AND MET PEOPLE,
THEY KNEW ALBERT AS SOUPNAZI,
NOT AS ALBERT GONZALEZ.
Hilbert: HE HANGS OUT WITH THE
VARIOUS DIFFERENT ONLINE CREWS
THAT ARE OUT THERE, ONE OF WHICH
BEING THE KEEBLER ELVES.
THE KEEBLER ELVES AND OTHER
GROUPS LIKE THEM COLLECT DATA
THAT THEY CAN EITHER SELL
OR PROFIT FROM.
THEY GET THE TAG "BLACK HAT,"
BECAUSE THEIR WHOLE PURPOSE
IS TO DO ILLEGAL ACTS.
ALL HACKERS ARE TESTING SYSTEMS,
LOOKING FOR VULNERABILITIES
OR WEAKNESSES.
WHITE HAT HACKERS
USE THAT INFORMATION FOR GOOD,
AND BLACK HATS
USE THEM FOR BAD.
Monsegur: THESE ARE THE GUYS
THAT ARE BREAKING INTO NETWORKS,
BREAKING INTO BANKS,
SOCIAL ENGINEERING,
YOUR PASSWORD, BREAKING INTO
YOUR BANK ACCOUNT,
SKIMMING YOUR CREDIT CARDS.
THESE ARE WHAT PEOPLE
USUALLY CALL "THE BAD GUYS."
Narrator:
AND ALBERT'S ON HIS WAY
TO BECOMING A FULL-FLEDGED
BLACK HAT,
EVEN AS A TEENAGER.
Elfrink: WITHIN A COUPLE YEARS
OF THIS NASA BREAK-IN,
HE WAS ALREADY STEALING
CREDIT CARDS ONLINE.
Hilbert:
HE GETS CAUGHT UP IN A SCHEME
WHERE HE'S UTILIZING
STOLEN CREDIT CARDS
THAT HE HAS CLONED
TO EXTRACT MONEY
FROM AN ATM MACHINE.
THE LOCAL P.D. PICKS HIM UP,
THEY DON'T KNOW
WHAT TO DO WITH HIM.
BECAUSE IT'S CREDIT CARDS,
THEY CALL THE SECRET SERVICE.
Narrator: THE SECRET SERVICE
INVESTIGATES FINANCIAL CRIMES
INCLUDING COUNTERFEITING,
FORGERY,
AND CREDIT-
AND DEBIT-CARD FRAUD.
ALBERT MAY BE YOUNG,
BUT HE'S LEARNED
FROM HIS NASA HACK THAT HIS
COMPUTER SKILLS ARE VALUABLE.
HE SAID,
"YOU GUYS DROP THE CHARGES,
AND I'LL HELP YOU WITH
WHATEVER YOU NEED HELP WITH."
SO THE SECRET SERVICE
TAKES ADVANTAGE OF THAT.
Narrator: THEY BRING HIM ON
AS A PAID INFORMANT.
Elfrink: THEY ACTUALLY OFFERED
HIM A FULL-TIME JOB, BASICALLY,
TO BE A HACKER IN RESIDENCE
TO HELP THEM
WITH OTHER
ONLINE-CRIME OPERATIONS.
AND HE AGREED.
WHAT THE FEDS DIDN'T KNOW
IS THAT JUST HAS HE ALWAYS HAD,
ALBERT GONZALEZ VERY QUICKLY
WENT BACK TO ILLEGAL OPERATIONS
ON THE INTERNET.
Narrator:
ALBERT RECRUITS A GROUP
OF HACKER FRIENDS TO JOIN HIM,
MOST OF WHOM HE MET ONLINE.
THEY INCLUDE BEST FRIEND
AND BRILLIANT CODER
STEPHEN WATT.
Elfrink: AND WITH THESE FRIENDS,
THEY BEGAN CONCOCTING SOME IDEAS
OF HOW TO STEAL CREDIT CARDS
AND MAKE MONEY OFF OF IT...
...AND EVEN GAVE
THEIR CRIMINAL PLAN
A SOMEWHAT JOKING NICKNAME OF
"OPERATION GET RICH
OR DIE TRYING."
Narrator: THE OPERATION
HAS ONE SIMPLE GOAL.
Hilbert: THEY WERE PLANNING
ON STEALING CREDIT CARDS
AND MAKING A GREAT DEAL
OF MONEY OFF OF IT.
THEY BEGAN BY WARDRIVING,
AND WARDRIVING
IS DRIVING AROUND, LITERALLY,
AND IDENTIFYING
OPEN WI-FI NETWORKS
THAT YOU CAN LOG ON TO
AND STEAL THE INFORMATION
FROM WITHIN THEIR COMPUTERS.
BACK THEN, WARDRIVING WAS
A LITTLE BIT COMPLICATED.
THE ROUTERS AT THE TIME
HAD WEAK SIGNALS, WEAK ANTENNAS,
AND SO IF YOU WANTED
TO BE A SUCCESSFUL WARDRIVER,
YOU HAD TO GO OUT THERE
WITH ALL SORTS OF GADGETS.
AS PART OF THE WARDRIVING
PROCESS, YOU HAVE TO BE CLOSE
TO THE WI-FI SIGNAL ITSELF,
WHICH IS WHY YOU WOULD BE PARKED
IN THE PARKING LOT
OF THE RETAIL STORE
THAT MIGHT HAVE A WI-FI SIGNAL.
Narrator: IN 2004,
THE TECHNOLOGY
IS STILL IN ITS INFANCY.
Elfrink: THIS WAS AT A TIME
WHEN WI-FI WAS FAIRLY NEW.
COMPANIES HAD JUST BEGUN
INSTALLING IT
IN THEIR BUILDINGS,
AND A LOT OF THEM DIDN'T HAVE
MUCH SECURITY AROUND IT.
Monsegur: YOU'RE LOOKING FOR SIGNALS
WITH WEAK ENCRYPTION ALGORITHMS
THAT YOU COULD CRACK
AND BREAK INTO RELATIVELY EASY.
Narrator: ALBERT AND HIS CREW
TARGET WI-FI SIGNALS FROM STORES
THAT USE THEIR NETWORKS
TO SEND FINANCIAL INFORMATION
FROM THE POINT-OF-SALE DEVICE
TO THEIR COMPANY'S HEAD OFFICE.
THE NEXT STEP IS TO FIGURE OUT
HOW TO TAP IN.
Elfrink: ONCE THEY'VE
GOTTEN INTO THE SYSTEM
OF A BIG RETAILER,
THEY WOULD BURROW RIGHT INTO
THE PART OF THE SYSTEM
THAT STORED
CONSUMER INFORMATION,
THE INFORMATION THAT
ANYBODY LEFT OVER ANY TIME
THEY BOUGHT GOODS
WITH A CREDIT CARD.
Monsegur:
NOW THAT HE'S IDENTIFIED
A POTENTIAL WI-FI NETWORK
TO TARGET,
THE NEXT STEP IS TO LOOK AT
AND UNDERSTAND ITS ENCRYPTION.
WHAT KIND OF MECHANISMS
OR AUTHENTICATION SYSTEMS
ARE THEY USING TO SAFEGUARD
THE WI-FI NETWORK
FROM THE REST OF THE POPULACE?
Jiggetts:
ENCRYPTION IS SIMPLY
TAKING INFORMATION
THAT MAKES SENSE
AND SCRAMBLING IT UP
SO IT BECOMES GIBBERISH.
COMPUTERS USE AN ENCRYPTION
ALGORITHM, A SET OF STEPS,
TO TURN PLAIN TEXT,
WHICH IS REAL INFORMATION,
INTO CIPHERTEXT,
OR THE GIBBERISH.
TURN CIPHERTEXT BACK INTO
THE REAL INFORMATION
CAN ONLY BE DONE
BY DECRYPTING IT,
AND DECRYPTION DEPENDS ON
FINDING AN ABSOLUTELY
ESSENTIAL PIECE
OF INFORMATION CALLED A KEY.
Narrator:
WITH THE RIGHT KEY,
ALBERT CAN ACCESS
EVERYTHING ON THE NETWORK.
Monsegur: SO, ONCE ALBERT
LOGS IN TO THE NETWORK,
HE'S ABLE TO LOOK FOR WEAKNESSES
IN THE REST OF
THEIR INFRASTRUCTURE.
THE DIFFERENCE IS
HE'S NO LONGER ON THE OUTSIDE.
NOW HE'S ON THE INSIDE.
ALBERT IS REALLY LOOKING
FOR CREDIT-CARD DETAILS...
THE FULL NUMBERS,
EXPIRATION DATES...
WHICH WOULD ALLOW HIM OR ANYONE
TO CHARGE THE CREDIT CARD
OR EVEN CLONE THE CREDIT CARD.
ON THE BACK OF A CREDIT CARD,
THERE'S A MAGNETIC STRIP,
AND WITHIN THAT STRIP,
THERE ARE ACTUALLY THREE TRACKS.
TRACK ONE IS INFORMATION
AS IT RELATES TO
THE CARD AND THE MANUFACTURER.
TRACK TWO
IS THE PERSONAL INFORMATION
ABOUT THE ACTUAL CARD NUMBER
AND WHO THE OWNER IS AND
WHAT THE EXPIRATION DATE IS.
AND TRACK THREE
IS ADDITIONAL INFORMATION.
WHAT ALBERT NEEDED
WAS TO TRACK TWO DATA
BECAUSE THAT INFORMATION
CAN BE THEN USED
TO CREATE FAKE
OR CLONED CREDIT CARDS.
Narrator:
BUT NOT ALL OF THE INFORMATION
ALBERT AND HIS CREW GATHERS
IS VALUABLE.
Elfrink: ONE PROBLEM THEY'D
ENCOUNTERED WITH WARDRIVING
IS WHEN THEY WOULD STEAL
THESE CREDIT CARDS,
USUALLY A DECENT PERCENTAGE
OF THEM WOULD BE OLD.
YOU KNOW, THEY'D BE EXPIRED,
THEY'D BE TRANSACTIONS
FROM YEARS AGO,
BASICALLY SOMETHING
YOU COULDN'T RESELL.
Narrator: IT'S NOT THE ONLY
SHORTCOMING WITH WARDRIVING.
Jiggetts:
THE DATA-DOWNLOADING PROCESS
IS SLOW AND CONSPICUOUS.
ALBERT OR HIS CREW MEMBERS
SIT IN THE PARKING LOT
FOR HOURS DOWNLOADING DATA.
WHEN HE SITS IN THE PARKING LOT
FOR THAT LONG,
HE'S DRAWING ATTENTION
TO HIMSELF,
SO HE'S FACING A RISK
BY DOING THAT.
Narrator: AND IT'S A RISK ALBERT
CAN NO LONGER AFFORD TO TAKE,
SO HE COMES UP
WITH A HIGH-TECH PLAN.
Elfrink: THEY WERE ABLE TO STEAL
MILLIONS AND MILLIONS
OF CURRENT
CREDIT-CARD TRANSACTIONS.
♪♪
Narrator: IN THE EARLY DAYS
OF WIRELESS INTERNET,
CYBER-CRIMINALS ARE QUICK
TO EXPLOIT ITS WEAKNESSES,
EVEN AS SECURITY
LAGS FAR BEHIND.
23-YEAR-OLD HACKER
AND PAID
SECRET SERVICE INFORMANT
ALBERT GONZALEZ AND HIS CREW
ARE STEALING ACCOUNT INFORMATION
FOR THOUSANDS OF CREDIT CARDS.
IT'S AN ESPECIALLY RISKY CRIME
WHEN YOU ALSO WORK FOR
THE FEDERAL GOVERNMENT.
ALBERT WANTS A BETTER WAY TO
STEAL QUALITY CREDIT-CARD DATA
WITHOUT THE DANGERS OF LOOKING
FOR WI-FI SIGNALS
OUT IN THE OPEN.
HE COMES UP WITH A PLAN.
ALBERT ASKS A CREW MEMBER
TO CREATE A COMPUTER PROGRAM
CALLED A SNIFFER.
THEY INSTALL IT ON SITE,
THEN REMOTELY ACCESS
THE DATA IT GATHERS.
ON AN NETWORK, YOU HAVE TRAFFIC
GOING BACK AND FORTH
BETWEEN COMPUTER AND SERVER,
AND A SNIFFER IS INSTALLED
SOMEWHERE ON THE NETWORK.
AND IT'S JUST LISTENING.
IT'S CAPTURING ALL THE TRAFFIC
GOING BETWEEN, BACK AND FORTH.
IT'S JUST SITTING THERE
GRABBING ALL THIS INFORMATION.
THE SNIFFER REACHERS BEYOND
THE STORE'S COMPUTERS
INTO THE PARENT COMPANY'S
CORPORATE DATABASE.
THEN IT COLLECTS ONLY CHARGE-
CARD DATA ON RECENT PAYMENTS.
IT ENCRYPTS THE DATA
IT COLLECTS,
AND AUTOMATICALLY SENDS IT
TO ALBERT'S COMPUTER
VIA THE WEB.
Hilbert: NOW THEY COULD JUST
INSTALL THIS PROGRAM,
DRIVE AWAY,
AND AT NIGHT,
ALL OF THE INFORMATION
THAT THE SNIFFER COLLECTED
WOULD BE TRANSMITTED
TO THE COMPUTER
THAT THEY WERE SITTING AT,
AND THEY CAN SORT THROUGH IT
AT THEIR LEISURE.
Jiggetts: BECAUSE THE DATA'S
ONLY COLLECTED
ON RECENTPAYMENTS,
HE KNOWS IT'S ALL MARKETABLE.
FOR THIEVES TRYING TO GET
CREDIT-CARD INFORMATION
FROM A BIG COMPANY,
THIS WAS AN ABSOLUTELY GENIUS
NEW TECHNIQUE.
THEY WERE ABLE TO STEAL MILLIONS
AND MILLIONS OF CURRENT
CREDIT-CARD TRANSACTIONS.
Narrator:
WITH A NEW PLAN OF ATTACK,
ALBERT LOOKS TO CAPITALIZE
EVEN MORE
ON HIS CYBER CRIMES
BY FINDING NEW BUYERS.
HE BEGINS HIS SEARCH
BY VISITING A SECRET
AND OBSCURE PART OF THE INTERNET
KNOWN AS THE DARK WEB.
Jiggetts: THE SURFACE WEB
IS WHAT EVERYDAY USERS USE...
FINDING STUFF ONLINE.
THE DEEP WEB GOES EVEN FURTHER
WHERE YOU'RE NOT FINDING
THESE THINGS BY SEARCHES.
YOU HAVE TO KNOW
WHAT TO LOOK FOR,
MAYBE BY I.P. ADDRESS.
THE DARK WEB IS A NETWORK
OF COMPUTERS AND SYSTEMS
THAT WORK TOGETHER.
AND THEY'RE MORE PRIVATE.
THEY'RE A LITTLE BIT
MORE ANONYMOUS,
AND THEY'RE A LITTLE
BIT MORE SECURE.
ANYONE CANNOT JUST
JOIN THE DARK WEB.
YOU'D HAVE TO KNOW SOMEBODY
THAT CAN VET YOU.
YOU CAN'T JUST, LIKE,
GO KNOCKING ON THE FRONT DOOR,
SAY "HEY, I WANT TO JOIN
THE DARK WEB.
CAN YOU LET ME IN?"
Narrator: ALBERT SOON FINDS
WHAT HE'S LOOKING FOR.
Elfrink: ALBERT'S BIGGEST BUYER
THAT HE CONNECTED WITH
FOR THIS STOLEN
CREDIT-CARD INFORMATION
WAS A GUY IN UKRAINE
NAMED MAKSYM YASTREMSKIY.
Hilbert: HE CONNECTED WITH
YASTREMSKIY VIA THE DARK WEB.
Elfrink: HE WAS VERY WELL-KNOWN
AS ONE OF THE BIGGEST
CREDIT-CARD THIEVES
IN THE WORLD,
BUT HE OPERATED
IN UKRAINE IN A PLACE
WHERE HE HAD PROTECTION
FROM CORRUPT OFFICIALS.
HE FELT LIKE HE COULD BASICALLY
OPERATE ALMOST OUT IN THE OPEN.
AFTER ALBERT AND HIS FRIENDS
WOULD STEAL CREDIT-CARD DATA
FROM BIG COMPANIES,
THEY WOULD SEND IT
ELECTRONICALLY
TO MAKSYM YASTREMSKIY
IN UKRAINE.
MAKSYM WOULD BUY
THIS INFORMATION IN BULK.
Narrator: YASTREMSKIY THEN SELLS
BUNDLES OF THIS INFORMATION
ONLINE TO BUYERS
AROUND THE WORLD.
Hilbert: AND THERE'S ONLY
A COUPLE WAYS TO CONVERT
STOLEN CREDIT-CARD DATA
INTO CASH.
ONE IS TO ACTUALLY CREATE
NEW CREDIT CARDS WITH THAT,
CLOSE THOSE CREDIT CARDS,
AND THEN USE THOSE TO GO TO ATMs
OR TO SELL THE CARDS THEMSELVES
TO OTHER INDIVIDUALS ONLINE.
THE OTHER WAY IS
TO ACTUALLY GO AHEAD
AND MAKE PURCHASES
WITH THAT INFORMATION.
YOU'D MAKE THOSE PURCHASE
AT VARIOUS ONLINE STORES,
YOU WOULD THEN IN TURN
SELL THOSE ON THE REGULAR MARKET
AND UTILIZE THE CASH THAT YOU
MADE FROM THOSE TYPES OF SALES.
ONCE THAT MONEY WAS CREATED,
IT WOULD GO TO YASTREMSKIY.
NOW, HE NEEDED
TO BE ABLE TO TRANSFER THAT
TO ALBERT IN SUCH A WAY
THAT ALBERT COULD TAKE IT OUT
IN A CASH FORM.
IT'S NOT LIKE YOU'RE JUST
GONNA GO AHEAD AND SAY
"I'M GONNA SEND IT
FROM BANK 'A' TO BANK 'B.'"
THERE ARE VARIOUS
DIFFERENT WEBSITES THAT ALLOW
FOR THE USE OF CRYPTOCURRENCIES.
YOU ARE GIVEN A WALLET
THAT HAS NO INFORMATION
ABOUT WHO YOU ARE.
YOU CAN NAME IT
IN ANYBODY'S NAME,
YOU CAN PUT ANYTHING
YOU WANT AROUND IT.
WHAT'S IMPORTANT
IS THE WALLET INFORMATION,
AND THAT WALLET
HAS A SPECIALIZED CODE.
AND WHAT THEY WOULD DO
IS AN ONLINE TRANSFER
FROM ONE WALLET TO THE OTHER.
SO IN OTHER WORDS, FROM WALLET
XYZ123 TO WALLET ABC123.
WHEN YOU'RE LOOKING AT THAT FROM
A LAW-ENFORCEMENT PERSPECTIVE
OR FROM AN OUTSIDE PERSPECTIVE,
ALL YOU SEE IS THE ABC123.
YOU CAN'T FIND
THE INFORMATION BEHIND IT,
WHO THE ACTUAL OWNER IS,
AND THIS IS HOW MONEY WOULD BE
TRANSFERRED BACK AND FORTH.
Narrator: DESPITE ALL OF
ALBERT'S HIGH-TECH DECEPTIONS,
THE CREDIT-CARD COMPANIES
START TO NOTICE
FRAUDULENT TRANSACTIONS.
THAT'S WHEN THE SECRET SERVICE
GOT INVOLVED.
Narrator:
BUT WITH CYBER CRIMES,
THE CRIMINAL COULD BE ANYWHERE
OR ANYONE.
THEY WERE COMING IN BLIND,
AND THEY DIDN'T KNOW
WHERE TO TRY TO GET AT
THE THIEVES IN THIS OPERATION.
Narrator:
WHILE THEY HAVE NO IDEA
THAT THE MAIN THIEF
THEY'RE AFTER WORKS FOR THEM,
THE SECRET SERVICE HAS ANOTHER
CREDIT-CARD FRAUD CASE
WITH A KNOWN SUSPECT...
MAKSYM YASTREMSKIY.
Elfrink:
HE WAS A NAME THEY KNEW.
HE WAS A GUY THEY KNEW.
Narrator: THE SECRET SERVICE
KNOWS HIM AS A GO-BETWEEN.
Elfrink: THEY KNEW THAT
THIS WAS THE MIDDLE MAN.
THEY KNEW THIS GUY WAS
DEALING WITH ALL OF THIS DATA.
IF THEY COULD FIGURE OUT
WHERE HE WAS BUYING IT FROM,
THEY COULD WORK THEIR WAY BACK
TO THE THEFT IN THE FIRST PLACE.
Narrator: MEANWHILE, 23-YEAR-OLD
ALBERT TAKES FULL ADVANTAGE
OF THE MONEY COMING IN.
ALBERT VERY QUICKLY BEGAN TO
LIVE BASICALLY LIKE A ROCK STAR.
HE HAD TAKEN THIS
9:00 TO 5:00 JOB WITH THE FEDS
AND WAS BASICALLY
A BUTTON-UP, NORMAL CITIZEN.
THAT CHANGED VERY QUICKLY
AS THE PROFITS STARTED COMING IN
FROM OPERATION GET RICH
OR DIE TRYING.
HE BOUGHT HIMSELF A NEW BMW,
RINGING UP
MULTI-THOUSAND-DOLLAR BILLS
AT HOTELS AND CLUBS.
PART OF THE THRILL FOR ALBERT
WAS BEING A DOUBLE AGENT
AND PLAYING BOTH SIDES
OFF OF EACH OTHER.
ANY HINT HE HAD THAT HE WAS
STILL TRYING TO HELP THE FEDS,
TRYING TO PLAY ON
THE RIGHT SIDE OF THE LAW,
IS TOTALLY OUT THE WINDOW.
AS TIME WENT ON
AND THE CASH STARTED COMING IN,
I THINK THIS BECAME ABOUT GREED
FOR ALBERT.
HE NEEDED MONEY, AND REALLY,
BY THIS POINT IN HIS CRIME,
HE WAS A THIEF MUCH MORE THAN
HE WAS ANYTHING ELSE.
Narrator:
AND THIS THIEF
WANTS TO TAKE HIS HACKS
TO THE NEXT LEVEL.
THE SNIFFER PROGRAM
IS AN EFFECTIVE TOOL,
BUT ALBERT MUST STILL GO THROUGH
A RETAIL STORE'S
WIRELESS NETWORK
TO INITIALLY GET INTO
THE PARENT COMPANY'S DATABASE.
IT'S TOO LIMITING.
WHAT THIS AMBITIOUS HACKER WANTS
IS TO ATTACK A DATABASE
FROM OUTSIDE THE RETAIL STORE'S
WIRELESS NETWORKS.
HE TARGETS
THE INFRASTRUCTURE ITSELF.
Elfrink:
NO ONE HAD REALIZED
THAT THE LANGUAGE
WAS SO VULNERABLE
TO A HACKER GETTING INTO
THE MAIN SYSTEM ITSELF.
IT WAS A NEW RECORD
FOR CREDIT-CARD THEFT.
♪♪
Narrator:
11 YEARS AFTER BREAKING INTO
NASA'S MAINFRAME AS A TEENAGER,
THE NOW 25-YEAR-OLD HACKER
AND SECRET SERVICE EMPLOYEE
ALBERT GONZALEZ
HAS A SUCCESSFUL SIDELINE
OF STEALING
AND SELLING
CREDIT-CARD INFORMATION.
BUT GATHERING THAT INFORMATION
MEANS HACKING INDIVIDUAL STORES
AND THEIR WI-FI NETWORKS
ONE AT A TIME.
HE'S READY TO EXPAND
HIS BUSINESS.
HE WANTS TO GO A LITTLE BIT
MORE WIDESPREAD,
AND HE WANTS TO DO IT
PRETTY QUICKLY.
HIS SNIFFER PROGRAM IS ONLY
BRINING HIM INFORMATION
FROM INDIVIDUAL STORES.
HE ACTUALLY WANTS
ALL OF THE DATA.
Narrator: HE COMES UP
WITH AN AMBITIOUS HACK
THAT DOESN'T RELY ON PROXIMITY
TO A STORE'S WI-FI NETWORK.
Monsegur: WHAT THIS DOES IS
IT GIVES ALBERT AN OPPORTUNITY
TO PROTECT HIS SECURITY,
PROTECT HIMSELF
AND HIS OPERATION
SO THAT HE'S AT THIS POINT
NO LONGER SEEN
ON ANY CCTV CAMERAS
OR BY SECURITY GUARDS.
Narrator: HE AND HIS EXPERT
HACKING CREW DECIDE TO TARGET
A FUNDAMENTAL ELEMENT
OF THE WEB ITSELF...
ONE OF IT'S PROGRAMMING
LANGUAGES, SQL.
SQL, WHICH IS
"STRUCTURED QUERY LANGUAGE,"
IS A PROGRAMMING LANGUAGE
WHICH IS USUALLY TIED
TO A DATABASE,
WHICH IS A BACK END
TO MANY WEB APPLICATIONS
OR WEBSITES.
Monsegur: IT'S KIND OF
AN OLD-SCHOOL DATABASE,
WHICH ALLOWS YOU
TO STRUCTURE YOUR DATA
SO THAT IT'S EASIER TO QUERY.
THEY WERE ABLE TO USE
THAT LANGUAGE TO CORRUPT IT,
TO HACK IT,
TO GET AT THE INFORMATION
THAT PEOPLE WERE SUBMITTING,
THEIR CREDIT-CARD INFORMATION.
Jiggetts: ALBERT IS ABLE TO
ACCESS THE DATABASE IN A WAY
THAT HE'S TRICKING THE DATABASE
INTO ACCEPTING
MALICIOUS COMMANDS.
EVENTUALLY,
ONE OF THE COMMANDS STOOD.
IT EXECUTED, AND IT PROVIDED
ALBERT THE OPPORTUNITY
TO PULL INFORMATION
OUT OF THE DATABASE.
Jiggetts:
WHICH ALLOWS HIM
TO GET ALL THIS CREDIT-CARD DATA
OVER THE WEB.
SO NOW HE DOESN'T HAVE TO BE
ON THEIR NETWORK.
ONCE ALBERT AND HIS CREW CRACK
SQL, ALSO KNOWN AS "SEQUEL,"
THEY INSTALL A MODIFIED VERSION
OF THEIR SNIFFER PROGRAM.
NO ONE HAD REALIZED THAT SEQUEL,
THE LANGUAGE BEING USED
TO COMMUNICATE
WHEN YOU WOULD
BUY SOMETHING ONLINE,
WAS SO VULNERABLE TO A HACKER
GETTING INTO
THE MAIN SYSTEM ITSELF.
BESIDES MAJOR RETAIL CHAINS,
ALBERT EVEN HACKS INTO
A CREDIT-CARD PROCESSING FIRM.
THIS GIVES HIM ACCESS TO WELL
OVER 100 MILLION CREDIT CARDS.
Elfrink: THIS WAS VERY CURRENT
DATA THAT THEY COULD SELL
WITHOUT HAVING TO WORRY
THAT THESE WERE EXPIRED.
IT WAS REALLY ANOTHER
STROKE OF GENIUS
THAT ALBERT AND HIS CREW
REALIZED
THEY COULD USE THIS LANGUAGE
OF THESE WEBSITES
TO GET AT
A WHOLE OTHER BATCH OF DATA.
IT WAS A NEW RECORD
FOR CREDIT-CARD THEFT.
Narrator:
ALBERT'S CREDIT-CARD SCHEME
IS TAKING UP SO MUCH OF HIS TIME
THAT HIS WORK
FOR THE SECRET SERVICE SUFFERS.
WHILE THEY STILL DON'T SUSPECT
THAT HE'S HACKING,
IN EARLY 2008,
THEY LET HIM GO.
AROUND THE SAME TIME,
THEIR SURVEILLANCE
OF ALBERT'S CREDIT-CARD BUYER,
UKRAINIAN CYBER CRIMINAL
MAKSYM YASTREMSKIY, PAYS OFF.
Elfrink:
THEY CAUGHT A BREAK.
AFTER MONTHS OF INVESTIGATING
MAKSYM, HE LEFT THE UKRAINE.
HE WENT ON VACATION
TO A RESORT IN THE MIDDLE EAST.
AGENTS WERE ABLE
TO TAIL HIM THERE.
WHILE HE WAS ACTUALLY
OUT PARTYING AT THIS RESORT,
THEY WERE ABLE
TO GET INTO HIS HOTEL ROOM
AND COPY THE HARD DRIVE
OFF OF HIS LAPTOP
WITHOUT HIM KNOWING
WHAT HAD HAPPENED.
THIS WAS THE KEY BREAK
IN THE CASE.
MAKSYM HAD TURNED OUT TO BE
AN AMAZING RECORD KEEPER.
HE HAD RECORDS
OF ALL OF HIS TRANSACTIONS,
OF ALL OF THE SALES
OF STOLEN CREDIT-CARD DATA,
AND THEIR CHALLENGE NOW
WAS TO UNRAVEL IT.
HE USED CODE NAMES,
HE USED NUMBERS
INSTEAD OF NAMES FOR HIS BUYERS
AND HIS SELLERS.
ONE OF THE NUMBERS ENDED UP
LINKING TO AN E-MAIL ADDRESS,
AND THAT E-MAIL ADDRESS
WAS SOUPNAZI@ A SERVER.
THE WORD "SOUPNAZI"
LIT LIGHT BULBS.
RIGHT AWAY,
THE FEDS MADE A CONNECTION.
Narrator: IT'S SOMEONE THEY KNOW
VERY, VERY WELL.
Elfrink:
ANYONE WHO HAD EVER WORKED
IN ONLINE CRIME
OR WITH ALBERT GONZALEZ
WOULD RECOGNIZE
THE NAME SOUPNAZI IMMEDIATELY.
THE CASE UNRAVELED
PRETTY QUICKLY
AFTER THEY RECOGNIZED
THE SOUPNAZI CONNECTION.
FEDERAL AGENTS SWOOPED IN,
BUT THEY COULDN'T FIND
ALBERT GONZALEZ.
THEY DIDN'T KNOW
WHERE HE WAS HIDING.
THEY KNEW
THEY HAD TO GET HIM QUICKLY.
THEY KNEW HE HAD FAKE PASSPORTS
AND LIKELY COULD TRY
TO GET OUT OF THE COUNTRY.
Narrator: BUT ALBERT
HASN'T SKIPPED THE COUNTRY.
THE NOW 26-YEAR-OLD IS DOING
WHAT HE LOVES MOST... PARTYING.
Elfrink: HE WAS HIDING
IN THE LUXURY SUITE
AT A HOTEL IN SOUTH BEACH.
HE HAD A BEAUTIFUL WOMAN
WITH HIM, $22,000 IN CASH,
AND SEVERAL LAPTOPS.
AND THEY ARRESTED HIM
THAT MORNING.
THOSE KIND OF MISTAKES
ARE VERY PREVALENT
IN MANY
OF THESE CYBER-CRIMINAL CASES.
A LOT OF HACKERS
HAVE BEEN ARRESTED
BECAUSE THEY HAVE MADE MISTAKES,
WHETHER IT WAS OUT OF VANITY
OR SOME SORT OF GREED.
Narrator:
OVER A FOUR-YEAR PERIOD,
ALBERT AND HIS CREW MANAGED
TO HACK OVER 100 MILLION
CREDIT-CARD ACCOUNTS.
Elfrink: IT TOOK MONTHS
TO UNRAVEL JUST HOW MUCH DAMAGE
ALBERT AND HIS CREW HAD DONE.
THE ESTIMATES WERE
A COMBINED MINIMUM
$400 MILLION LOSS
BETWEEN THE LEGAL FEES,
THE SECURITY COSTS,
AND THE ACTUAL DAMAGE THAT
THEY HAD DONE TO THEIR SYSTEMS.
AT HIS PARENTS' HOUSE,
ALBERT HAD ACTUALLY
BURIED A PLASTIC TUB
IN THEIR BACKYARD.
INSIDE THE TUB WAS
MORE THAN $1 MILLION IN CASH.
ALBERT GONZALEZ
ENDED UP SENTENCED
TO 20 YEARS IN FEDERAL PRISON.
IT'S ONE OF THE LONGEST
SENTENCES EVER HANDED DOWN
FOR ONLINE CRIME.
Narrator: CODER STEPHEN WATT
IS SENTENCED TO TWO YEARS.
Elfrink: CORPORATE
SECURITY EXPERTS WILL TELL YOU
THAT THEY LEARNED A LOT
FROM ALBERT'S CRIMES
AND FROM HOW MANY CREDIT CARDS
HE WAS ABLE TO STEAL.
FIRST WI-FI SYSTEMS
SECURITY WAS TIGHTENED,
THEN THEY WERE ABLE TO CLOSE
THE LOOPHOLE THROUGH SQL.
Narrator: THE SECRET SERVICE
DOES NOT COMMENT ON THE ROLES
OF PAID INFORMANTS,
BUT IT'S THOUGHT THAT THEY ARE
MONITORED MORE CLOSELY NOW.
THE SIMPLE FACT IS THAT
THERE'S ALWAYS
GOING TO BE VULNERABILITIES,
AND WHEN THERE'S AS MUCH MONEY
TO BE MADE
FROM STEALING CREDIT CARDS,
THERE'S ALWAYS GONNA BE
SOMEBODY OUT THERE
TRYING TO FIND THOSE WEAKNESSES.
Narrator: FROM THE DARK WEB
TO THE BLACK MARKET,
CRIMINALS ARE ALWAYS
ON THE LOOKOUT
FOR HIGH-VALUE TARGETS.
THE STREET VALUE
OF PRESCRIPTION DRUGS
CAN BE JUST AS ATTRACTIVE
AS CREDIT-CARD INFORMATION.
[ SIREN WAILS ]
ON SUNDAY MARCH 14, 2010,
ENFIELD, CONNECTICUT, POLICE
ARE SUMMONED TO A PHARMACEUTICAL
COMPANY WAREHOUSE
ON THE OUTSKIRTS OF TOWN.
IT'S A DISTRIBUTION CENTER
FOR THE ENTIRE EAST COAST.
Narrator:
THE 70,000-SQUARE-FACILITY
HOUSES COSTLY MEDICINES
LIKE ANTIDEPRESSANTS,
CANCER-FIGHTING DRUGS,
AND ANTIPSYCHOTICS,
WHICH ARE DISTRIBUTED
UP AND DOWN
THE EASTERN SEABOARD.
IT'S A SIGNIFICANT BUILDING.
Narrator:
AND IT'S BEEN ROBBED
OF $60 MILLION WORTH
OF PHARMACEUTICALS.
IT WAS THE LARGEST
PHARMACEUTICAL THEFT
IN THE HISTORY
OF THE UNITED STATES.
Narrator: THIS KIND OF HEIST
COULD ONLY BE PULLED OFF
BY HIGH-TECH CAREER CRIMINALS
WITH A SPECIALTY
IN ALARM SYSTEMS.
THE TWO BROTHERS THAT WERE
THE LEAD IN THIS OPERATION
WAS AMED AND AMAURY VILLA.
THIS IS A SOPHISTICATED,
INTERNATIONAL CARGO-THEFT RING
BASED OUT OF MIAMI, FLORIDA.
Narrator:
THE CONNECTICUT FACILITY
IS SOPHISTICATED, AS WELL,
WITH ELABORATE SECURITY.
THE WAREHOUSE IS PROTECTED
BY AN EXTENSIVE SECURITY SYSTEM
THAT INCLUDES TAMPER ALARMS
ON SECURITY ELECTRONICS,
MOTION DETECTORS,
AND ALARMS
ON EVERY DOOR AND WINDOW.
Narrator: THE SYSTEM IS THOUGHT
TO BE SO GOOD THAT THE EXTERIOR
OF THE WAREHOUSE ITSELF
HAS LIMITED SECURITY FEATURES.
Sferrazza:
THERE WAS NO EXTERIOR FENCES.
THERE WERE NO SECURITY
GUARDS ON THE PREMISES.
Narrator: THE REAL TECH
SECURING THE WAREHOUSE
IS CONTROLLED FROM WITHIN.
THE NERVE CENTER OF
THIS HIGH-TECH SECURITY SYSTEM
IS THE INTRUSION ALARM PANEL.
THIS INTRUSION ALARM PANEL
COORDINATES, ANALYZES,
AND ACTS ON ALL THE ELECTRICAL
AND DIGITAL CONNECTIONS FROM ALL
THE DETECTORS IN THE WAREHOUSE.
IT IS ESSENTIALLY A BOX WHERE
ALL THE ALARMS WOULD GO TO.
IF YOU WERE TO CUT A CCTV FEED,
THIS IS WHERE
YOU WOULD WANT TO DO IT.
IF YOU NEED TO CUT OFF
GROUND COMMUNICATIONS,
THIS IS WHERE
YOU WOULD WANT TO DO IT.
SO, THAT PANEL ITSELF
HAS TO BE SECURED, AS WELL.
YOU CAN'T JUST OPEN IT UP
AND START PULLING PLUGS ON IT.
IF IT'S OPENED UP,
IT SETS OFF AN ALARM.
Sferrazza: THE ALARM PANEL IS THE
BRAINS OF THE SECURITY SYSTEM,
BUT IT IS VULNERABLE
IF IT'S COMPROMISED IN ANY WAY.
Narrator:
TO GET TO THE PANEL,
THE THIEVES HAVE TO
GET INTO THE WAREHOUSE.
Hammack: THE ESSENTIAL STEP
IN THE VILLA BROTHERS' PLAN
IS TO CUT ALL COMMUNICATION
BETWEEN THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
Narrator: BUT THEY HAVE TO
DODGE SECURITY FIRST.
♪♪
Narrator: CAREER CRIMINALS AMED
AND AMAURY VILLA HAVE MADE OFF
WITH $60 MILLION
IN PRESCRIPTION DRUGS
IN A WEEKEND HEIST
FROM A WAREHOUSE
IN ENFIELD, CONNECTICUT.
A HIGH-TECH ROBBERY OF THIS
MAGNITUDE COULD ONLY BE DONE
AFTER MONTHS PREPARATION
BY THE BROTHERS.
I WOULD DESCRIBE THIS ROBBERY
AS METICULOUS.
THEY OBVIOUSLY PUT
A LOT OF TIME INTO PLANNING.
THEY DID A LOT OF RESEARCH
OF ALL THE SECURITY MECHANISMS
IN PLACE.
IT'S A SURPRISE
THAT IT EVEN TOOK PLACE.
IT WAS JUST
A SOPHISTICATED ATTACK.
Sferrazza: WE BELIEVE
THEY HAD DONE SURVEILLANCE.
THEY WERE LOOKING TO SEE
THE LOCATION OF THE FACILITY,
PEDESTRIAN AND VEHICLE TRAFFIC,
DAYS OF WEEK, TIME OF ACTIVITY.
BECAUSE THE VILLA BROTHERS
WHERE CAREER CRIMINALS,
THEY KNEW WHAT TO LOOK FOR.
THEY KNEW HOW TO SEARCH ONLINE
AND IDENTIFY PLANS
FOR THE BUILDING.
THEY KNEW HOW TO LOOK
AT THE VARIOUS
DIFFERENT SECURITY SYSTEMS
THAT WERE PUT IN PLACE
THAT WERE VISIBLE
OUTSIDE OF THE WAREHOUSE
AND IDENTIFY THE MAKERS,
THE NAMES, THE BRANDS,
AND THINGS OF THAT NATURE,
AND THEY DID THEIR RESEARCH.
Narrator: AFTER COMPLETING
THEIR EXTENSIVE RESEARCH,
THE TECH-SAVVY CRIMINALS
ARE READY TO EXECUTE THEIR PLAN.
Sferrazza:
IT WAS A SATURDAY NIGHT.
THERE WAS NOBODY WORKING
AT THAT TIME.
THEY CLIMBED UP ONTO THE ROOF.
Narrator:
THE BROTHERS' RESEARCH REVEALED
THAT THE ROOF
ABOVE THE CONTROL ROOM
ISN'T ADEQUATELY PROTECTED
BY SECURITY CAMERAS.
THEY WERE FAMILIAR WITH HOW
THESE BUILDINGS ARE CONSTRUCTED
AND BY THE VISUAL SIGHT
OF THE BUILDING
COULD DETERMINE
WHERE THE CONTROL ROOM
AND THE ALARM PANELS
WERE LOCATED.
THEY HAD BROUGHT TOOLS
AND WERE ABLE TO CUT
AN OPENING INTO THE ROOF.
Narrator: BUT BEFORE THE THIEVES
CAN DISABLE THE ALARM PANEL
INSIDE THE WAREHOUSE,
THERE IS ONE THING THEY MUST DO.
THE ESSENTIAL STEP
IN THE VILLA BROTHERS' PLAN
IS TO CUT ALL COMMUNICATION
BETWEEN THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
THAT WAY, THEY CAN TRIP
ANY ALARM THEY WISH,
BUT IT WON'T MATTER.
THE INTRUSION PANEL'S
PRIMARY METHOD OF COMMUNICATING
WITH THE OUTSIDE WORLD
IS BY TELEPHONE LAND LINES.
IF THE HARD LINE
INTO THE BUILDING ARE CUT,
THE SYSTEM WILL AUTOMATICALLY
DEFAULT OVER
TO A CELLULAR OR
A MOBILE-DEVICE COMMUNICATION.
BY CUTTING THIS,
THEY CAN CUT THAT ABILITY
FOR THAT COMMUNICATION
TO GO OUT, AS WELL.
DISABLING THE CELLPHONE MEANS
THAT ONCE
THE VILLA BROTHERS
ENTER THE CONTROL ROOM
AND DISABLE THEIR LAND LINES
IN THE INTRUSION PANEL,
THERE'LL BE
NO COMMUTATION BETWEEN
THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
Narrator:
WITH THE CELLPHONE CUT OFF,
THE VILLA BROTHERS
ENTER THE WAREHOUSE,
READY TO TACKLE THE LAND LINE.
Sferrazza: THE POINT OF ENTRY
WAS ABOVE THE CONTROL ROOM.
THEY DROPPED THE ROPES DOWN
AND REPELLED FROM THE ROOF
INTO THE CONTROL ROOM.
Narrator: THE INTRUSION PANEL
IS ONLY A FEW FEET AWAY.
♪♪
BUT THE BROTHERS
KNOW BETTER THAN TO MOVE.
THE AREA NEXT TO THE ENTRANCE
TO THE CONTROL ROOM
WITH THE INTRUSION PANEL
IS PROTECTED
BY A MOTION DETECTOR.
Narrator:
BUT THE VILLA BROTHERS'
MONTHS OF RESEARCH HAS REVEALED
THAT THE MOTION DETECTOR
GUARDING THE INTRUSION PANEL
HAS A LIMITED RANGE.
THEY KNEW THAT THE ALARM SYSTEMS
HAVE THESE DETECTORS
THAT ONLY GO OUT FIVE FEET.
Narrator: MEANING THEY CAN GET
VERY CLOSE BEFORE TRIGGERING
THE MOTION-DETECTOR SENSOR.
Hammack: THE MOTION DETECTOR
ON THE CONTROL ROOM'S WALL
USES AN INFRARED SENSOR
TO DETECT INFRARED ENERGY.
Hilbert: INFRARED IS BASICALLY
THE HEAT WAVES
THAT YOU GIVE OFF ON YOUR BODY.
THE INFRARED SENSOR WORKS
BY NOTING CHANGES IN THE AMOUNT
OF INFRARED HEAT ENERGY.
WHEN IT DETECTS
A SUBSTANTIAL INCREASE
IN THE AMOUNT
OF INFRARED ENERGY,
IT SENDS AN ALARM
TO THE INTRUSION PANEL.
Narrator: BUT THE VILLA BROTHERS
HAVE A TRICK TO BEAT IT.
IF YOU MOVE VERY SLOWLY
AND YOU CAN SHIELD YOUR BODY
FROM THE DETECTOR ITSELF,
BEHIND STYROFOAM PANELS,
YOU CAN FOOL IT INTO BELIEVING
THAT THERE'S BEEN
NO CHANGE IN THE HEAT,
AND THAT'S EXACTLY
WHAT THE VILLA BROTHERS DO.
THEY UTILIZE A ROOM DIVIDER,
AND THEY MOVE VERY SLOWLY
SO THERE'S NO SPIKE IN HEAT.
THEY MAKE THEIR WAY
TO THE INTRUSION PANEL
WITHOUT TRIGGERING
THE MOTION DETECTOR.
Narrator: NEXT STEP,
DISARMING THE INTRUSION PANEL.
Jiggetts:
THE TAMPER SWITCH IS PLACED
IN THE UPPER-LEFT CORNER.
IT'LL SOUND THE ALARM
AS SOON AS THE PANEL DOOR OPENS.
BUT AMED MANAGES TO KEEP
THE TAMPER ALARM INTACT
BY PEELING AWAY THE PANEL DOOR.
Narrator: THE BROTHERS HAVE
ALREADY DISABLED THE CELLPHONE.
NOW ONLY THE POWER CABLE
AND LAND LINE REMAIN.
Jiggetts: IF AMED DISCONNECTS
THE WRONG CABLES,
HE MAY TRIP ANOTHER ALARM.
THE ONLY WAY THE VILLA BROTHERS
WOULD REALLY KNOW
THEY'D MADE A MISTAKE
IS IF THE POLICE SHOW UP.
BUT AMED HAS DONE HIS HOMEWORK.
HE DISCONNECTS THE PHONE LINES
WITHOUT ANY PROBLEMS.
Sferrazza: THIS WASN'T
THEIR FIRST TIME OUT.
THEY HAD EXPERIENCE
KNOWING WHICH WIRES TO CUT.
Narrator:
LEAVING THE BROTHERS FREE
TO CLEAR OUT THE WAREHOUSE.
THE BROTHERS LOAD OVER $60
MILLION OF PRESCRIPTION DRUGS
INTO THE TRUCK
THEY HAD PARKED OUTSIDE.
Sferrazza: THEY WERE FREE
TO OPERATE AT EASE.
THEY FELT NO RUSH,
AND THEY BEGAN, THEN,
TO USE A FORKLIFT TO LOAD UP
40 PALLETS OF THESE DRUGS.
Narrator: THERE'S ONLY ONE THING
THEY DIDN'T ACCOUNT FOR.
Sferrazza: WHEN THE THIEVES
CUT THE ALARM SYSTEM
AND THE PHONE LINES,
THAT TRIGGERED WHAT WE CALL
A COMMUNICATION FAILURE
TO THE ALARM COMPANY.
COMMUNICATION FAILURE
IS NOT AN INTRUSION ALARM.
IT JUST IS LETTING
THE COMPANY REP KNOW
THAT IT COULD BE A LOW BATTERY
OR SOMETHING'S GONE WRONG
WITH THE COMMUNICATION.
AND THERE'S CONSTANT
COMMUNICATION, BACK AND FORTH,
TO THE MONITORING COMPANY.
IT IS A CONTINUOUS,
"ARE YOU THERE?"
"YES, I'M THERE."
"ARE YOU THERE?
"YES, I'M THERE."
Sferrazza:
THEY LEFT A MESSAGE
ON THE ANSWERING MACHINE
OF THE COMPANY REPRESENTATIVE.
THIS IS LIKE
4:00 IN THE MORNING NOW.
THEY CALLED HER A SECOND TIME,
SO AROUND NOON TIME
ON MARCH 14th,
WHEN THE COMPANY REP
WENT INTO THE ELI LILLY...
AND THAT'S WHEN SHE NOTIFIED
THE AUTHORITIES.
Narrator: THEIR CAREFUL RESEARCH
DID NOT ACCOUNT
FOR THE COMPANY REP
SHOWING UP ON A SUNDAY.
THE BROTHERS ARE ON THE RUN,
BUT THEY DON'T HAVE
AS MUCH TIME AS THEY THINK.
THE NAIL IN THE COFFIN
IS THE DNA.
♪♪
Narrator: AFTER CAREER CRIMINALS
DEFEAT THE HIGH-TECH SECURITY
INSIDE
A PHARMACEUTICAL WAREHOUSE
AND MAKE OFF WITH
$60 MILLION WORTH OF DRUGS,
THE LOCAL POLICE ARE NOTIFIED.
Hilbert: THE POLICE SHOW UP,
AND THEY SECURE THE LOCATION...
THE WAREHOUSE AND AROUND IT.
Sferrazza: THE FORENSIC PART
OF THIS INVESTIGATION
STARTED WITH COLLECTING
THE EVIDENCE IN THE ROOM.
Hilbert: THIS INCLUDES TAKING
PICTURES OF THE GROUNDS AROUND IT,
LOOKING FOR FOOTPRINTS,
LOOKING FOR ANYTHING
THAT SEEMS JUST OUT OF PLACE
FOR THE WAREHOUSE
AS IT SHOULD HAVE BEEN
WHEN IT CLOSED UP
ON FRIDAY OR SATURDAY.
♪♪
Narrator:
ONE THING OUT OF THE ORDINARY
IS A COLLECTION OF TOOLS
ON THE ROOF.
Sferrazza:
THE THIEVES HAD LEFT
ABOUT 12 TO 14 SEPARATE PIECES.
Narrator: IT'S NOT
THE ONLY EVIDENCE THEY FIND.
Sferrazza: ONE OF OUR DETECTIVES
DID SPOT A WATER BOTTLE.
IT VERY EASILY
COULD HAVE BEEN WRITTEN OFF
AS JUST AN EMPTY WATER BOTTLE,
BUT THE DETECTIVE
DID THE RIGHT THING.
HE PHOTOGRAPHED IT, PUT IT IN
THE PROPER EVIDENCE CONTAINER.
Narrator: THE BOTTLE IS SENT OUT
FOR FORENSIC TESTING.
Hilbert: THE WATER BOTTLES
ARE THE KEY HERE,
BECAUSE IF
THEY WERE WEARING GLOVES,
THEY DIDN'T LEAVE
ANY FINGERPRINTS,
BUT IF THEY DRANK
OUT OF THE WATER BOTTLES,
THEY'RE GONNA LEAVE DNA.
Narrator:
WHILE THE DNA IS BEING ANALYZED,
POLICE FOCUS ON THE TOOLS.
Sferrazza: OUR LEAD DETECTIVE
TOOK THESE TOOLS,
WAS ABLE TO TRACK THEM BACK
TO ONE PARTICULAR
NATIONAL DISTRIBUTOR,
WHO THEN WAS ABLE
TO SEARCH THEIR DATABASE
AND FIND THAT THESE TOOLS
IN THIS COMBINATION
WERE ONLY SOLD ONE TIME THE DAY
BEFORE THE ROBBERY
IN FLUSHING, NEW YORK,
RIGHT NEXT TO LaGuardia AIRPORT.
JUST ABOUT EVERY PRODUCT
SOLD IN RETAIL STORES
HAS A SKU,
OR STOCK KEEPING UNIT.
IT'S A SPECIFIC CODE ASSIGNED
TO ITS PRODUCTS BY THE RETAILER.
ALL THE SKU PRODUCT INFORMATION,
AS WELL AS THE DATE
AND TIME OF SCAN
AND THE STORE'S LOCATION,
ARE ENTERED
INTO THE STORE'S DATABASE
AND CAN BE EASILY RETRIEVED.
Hilbert: THEY CONNECT THAT UP
WITH THE CCTV CAMERA FEEDS
FOR THIS STORE,
AND THEY'RE ABLE
TO IDENTIFY THE CAR
OF THE INDIVIDUALS RESPONSIBLE
FOR BUYING THESE TOOLS.
THEY EXTRACT THE LICENSE PLATE
FROM THAT CAR
AND SEE THAT IT'S ACTUALLY
A RENTAL CAR.
Narrator: WHEN POLICE TRACK IT
BACK TO THE RENTAL AGENCY,
THEY COME UP WITH A NAME...
AMAURY VILLA.
Hilbert: WHILE DOING
THAT RENTAL APPLICATION,
THE VILLA BROTHER
WOULD HAVE PROVIDED
HIS DRIVER'S LICENSE
WITH HIS PICTURE ON IT.
THE COPS GET A COPY
OF THIS DRIVER'S LICENSE
WITH HIS PICTURE
AND ARE ABLE TO MATCH
THAT PARTICULAR PICTURE UP
WITH THE CCTV CAMERA FOOTAGE
FROM THE WAREHOUSE
AND SEE THAT, IN FACT,
IT IS ONE OF THE VILLA BROTHERS.
BEING ABLE TO IDENTIFY
THE CAR OF THE DRIVER
IS ONE PIECE IN THE PUZZLE,
BUT THE NAIL IN THE COFFIN
IS THE DNA.
YOUR DNA IS WHAT GIVES YOU YOUR
BLUE EYE COLOR OR YOUR RED HAIR,
SO COLLECTING THE DNA
AT THIS SITE
AND THEN COLLECTING THE DNA
OF THE POTENTIAL SUSPECTS...
YOU CAN DO A ONE-TO-ONE MATCH
AND IDENTIFY
IF THEY WERE, IN FACT,
THE PEOPLE THAT WERE THERE.
ONCE THE DNA EVIDENCE HAS COME
BACK FROM THE WATER BOTTLES,
THEY WERE ABLE TO MATCH IT UP
WITH THE VILLA BROTHERS,
AND THEREFORE,
THEY HAVE THEIR CASE.
I DON'T BELIEVE
THERE IS A PERFECT CRIME.
THE VILLA BROTHERS JUST MADE
ONE OR TWO MISTAKES
OUT OF THE 100 DECISIONS
THEY HAD TO MAKE.
Narrator:
BUT THAT WAS ENOUGH.
AMED AND AMAURY ARE SERVING TIME
FOR THE ROBBERY
OF OVER $60 MILLION
OF PRESCRIPTION DRUGS.
THEY RECEIVED FROM
SEVEN TO EIGHT YEARS IN PRISON.
Narrator: AMAZINGLY, ALL OF
THE STOLEN DRUGS WERE RECOVERED.
HAVING LEARNED A HARD LESSON,
THE PHARMACEUTICAL COMPANY
TAKES DECISIVE ACTION
TO MAKE SURE
THIS DOESN'T HAPPEN AGAIN.
THEY IMMEDIATELY BEGAN TO HIRE
OFF-DUTY POLICE OFFICERS
FOR SECURITY,
AND THEN THEY ERECTED
A PRETTY FORMIDABLE FENCE NOW.
AND THEY ALSO MADE SIGNIFICANT,
COMPREHENSIVE CHANGES
TO THEIR SECURITY SYSTEMS.
Hilbert: PHARMACEUTICAL
COMPANIES ACROSS THE COUNTRY
REVAMPED THEIR
SECURITY MEASURES.
WHATEVER CHANGES
THEY HAVE MADE HAVE RESULTED IN
NO SIMILAR PHARMACEUTICAL THEFTS
IN RECENT HISTORY.
Narrator: ON THE OTHER SIDE
OF THE COUNTRY,
AN L.A.-BASED CRIME SYNDICATE
KNOWN AS ARMENIAN POWER
IS TWISTING TECH TO ITS OWN ENDS
AS IT BRANCHES OUT
FROM TRADITIONAL ROBBERY
AND EXTORTION
TO CREDIT-CARD SKIMMING FRAUD.
THEY'RE RIPPING THE IDENTITIES
OFF FROM INNOCENT VICTIMS,
AND THEN THEY'RE TAKING
THAT INFORMATION,
THEY'RE PUTTING IT INTO OTHER
RE-CODED CREDIT CARDS.
Narrator:
THE FAKE CREDIT CARDS ARE USED
TO BUY ENORMOUS AMOUNTS OF GAS,
WHICH IS THEN RESOLD.
Reporter:
IT IS A DANGEROUS OPERATION.
POLICE CALLED THIS
"A BOMB ON WHEELS."
♪♪
Narrator: A SOPHISTICATED
CREDIT-CARD FRAUD IS MARRIED
WITH OLD-SCHOOL ROBBERY
IN A 21st-CENTURY
MONEY-MAKING SCAM.
THE PLAN IS TO STEAL
CREDIT-CARD ACCOUNT INFORMATION
RIGHT FROM THE GAS PUMPS
WHERE PEOPLE FILL UP THEIR CARS.
THE MASTERMINDS BEHIND THIS PLOT
ARE MEMBERS OF L.A.-BASED
CRIME SYNDICATE ARMENIAN POWER,
EVEN THOUGH THE RUTHLESS GANG
IS BEING WATCHED
BY THE AUTHORITIES.
IN 2008,
THE L.A. FRAUD TASK FORCE,
MADE UP OF THE U.S.
SECRET SERVICE AND THE L.A.P.D.,
IS SET UP TO TRACK ARMENIAN
POWER'S ILLEGAL ACTIVITIES,
WHICH RANGE FROM BANK FRAUD
AND IDENTIFY THEFT
TO VIOLENT EXTORTION
AND KIDNAPPINGS.
Hilbert: ARMENIAN POWER
WAS ACTUALLY TAKEN DOWN
BY A SPECIAL TASK FORCE.
IN 2011, A GREAT NUMBER OF THEM
WERE ACTUALLY ARRESTED
AND PUT INTO JAIL,
BUT THEY WERE CONTINUED
TO BE MONITORED
BECAUSE THAT'S WHAT HAPPENS
WITH GANGS.
Narrator: EVEN WITH MOST
OF THE GANG IN PRISON,
THE TASK FORCE SECRETLY INSTALLS
GPS TRACKING DEVICES
ON THE CAR USED
BY TWO ARMENIAN POWER MEMBERS...
NAZAR DANIYELYAN
AND ANTHONY TNGRYAN.
THE CAR LEADS AGENTS TO TWO
COACHELLA VALLEY GAS STATIONS,
WHERE THEY DISCOVER
ILLEGAL CREDIT-CARD SKIMMERS
AT THE PUMPS.
A SKIMMER IS A DEVICE
THAT READS THE MAGNETIC STRIP
OFF OF A CREDIT CARD.
ILLEGAL SKIMMERS ARE DEVICES
THAT ARE PLACED IN LOCATIONS
WHERE THEY LOOK TO BE PART
OF THE EQUIPMENT AS IT EXISTS.
THE SKIMMER THEN COLLECTS
THE CREDIT-CARD INFORMATION.
Narrator: THE SKIMMERS
HAD BEEN THERE FOR WEEKS,
SECRETLY INSTALLED BY THE GANG.
THIS IS HOW ARMENIAN POWER
DID IT...
AFTER PARKING LARGE VANS
BY THE PUMPS
TO BLOCK THE VIEW OF CCTVs
AND GAS-STATION EMPLOYEES,
GANG MEMBERS INSTALLED
SKIMMER DEVICES ON THE PUMPS.
SOME SKIMMERS ARE HOMEMADE,
MADE WITH PARTS PURCHASED
AT ELECTRONIC STORES,
INCLUDING CIRCUIT BOARDS,
SOLDERING EQUIPMENT, GLUE GUNS,
ELECTRICAL TAPE, AND WIRES.
THE SKIMMERS STEAL, COPY,
AND STORE CREDIT-CARD DATA
FROM CARDS USED TO PAY FOR GAS.
THIS SCAM ITSELF ISN'T NEW,
BUT HOW THE DATA IS COLLECTED
HAS BEEN UPGRADED.
THE GANG NOW USES
BLUETOOTH TECHNOLOGY
TO TRANSMIT INFORMATION
OVER RADIO WAVES
INSTEAD OF HAVING TO RETRIEVE
THE SKIMMERS THEMSELVES
OR HARDWIRE IN.
Monsegur:
AS TIMES PROGRESSED
AND SCAMMERS
HAVE GOTTEN MORE SOPHISTICATED,
THEY'VE ALSO CREATED
BLUETOOTH SKIMMERS.
BEFORE THEN, ATTACKERS WOULD
HAVE TO BABYSIT THE DEVICE,
AND THEY WOULD HAVE TO
WAIT AROUND,
POTENTIALLY COMPROMISING
THEIR IDENTITY.
NOW THAT WE HAVE
BLUETOOTH-ENABLED SKIMMERS,
THE BAD GUYS
NEVER HAVE TO GO BACK.
WHEN THE CARD GOES IN,
IT AUTOMATICALLY
IS TRANSMITTED TO,
VIA BLUETOOTH, TO ANOTHER
STORAGE DEVICE 100 YARDS AWAY,
AND THE BAD GUYS CAN DRIVE AWAY
WITH THE INFORMATION,
LEAVING HE SKIMMER BEHIND
WITH NO PROBLEM.
Narrator: THE STOLEN DATA IS FED
TO A CLONING DEVICE.
IT'S A MAGNETIC CARD ENCODER,
AND IT PUTS THE DATA
ONTO A BLANK CARD.
Hilbert:
THE MAGNETIC-STRIP ENCODERS
ARE ACTUALLY VERY EASY TO FIND,
BECAUSE MAGNETIC-STRIP ENCODING
IS UTILIZED
ON ALL KINDS
OF DIFFERENT THINGS...
YOUR ACCESS BADGE TO YOUR WORK,
YOUR DRIVER'S LICENSE.
YOU CAN BUY THESE DEVICES
DIRECTLY FROM
THE MANUFACTURER THEMSELVES.
AS YOU USE YOUR CREDIT CARD
TO GO INTO
YOUR LOCAL GAS STATION,
THAT PUMP HAS A SKIMMER ON IT,
AND THAT'S WHAT THEY'VE PLANTED,
THESE SKIMMERS,
AND THEY'RE RIPPING
THE IDENTITIES
OFF FROM INNOCENT VICTIMS.
AND THEN THEY'RE TAKING
THAT INFORMATION,
THEY'RE PUTTING IT INTO OTHER
RE-CODED CREDIT CARDS.
Narrator:
WITH THE RE-CODED CARDS,
THE CRIMINALS BUY GAS,
BUT NOT JUST A TANK FULL.
Reporter: THE SMALLER TRUCKS,
CALLED "BLADDER TRUCKS"...
"BLADDER" BECAUSE OF THE
MAKESHIFT ILLEGAL TANKS INSIDE
USED TO CARRY THE STOLEN DIESEL.
Hammack: THE GANG JERRY-RIGGED
TRUCKS BY HIDING HUGE TANKS,
OR BLADDERS, INSIDE THEM.
THE BLADDERS CAN HOLD
UP TO 500 GALLONS OF FUEL.
A SPECIALIZED
SIPHONING PUMP TRANSFORMS FUEL
FROM THE GAS TANK
INTO THE BLADDER.
Narrator: THE HOMEMADE BLADDER
IS A LARGE, FLEXIBLE CONTAINER
EITHER MADE OF METAL OR PLASTIC
HIDDEN IN THE BACK OF VANS
OR COVERED PICKUP TRUCKS.
THE GANG TAKES AS MUCH FUEL
AS THE PUMP IS AUTHORIZED
TO GIVE TO A SINGLE CARD,
USUALLY $75.
THEN THEY INSERT ANOTHER
CLONED CARD IN THE SAME PUMP.
♪♪
THEY KEEP DOING THIS
UNTIL THE BLADDER TANK IS FULL,
THEN THEY DRIVE IT AWAY
TO RESELL THE STOLEN GAS
TO OTHER GAS STATIONS.
THEY'RE GETTING IT
AT A DISCOUNT,
THEY KNOW IT'S AT A DISCOUNT,
THEY KNOW IT'S STOLEN.
Narrator: AS THEY HEAD DOWN THE
CONGESTED CALIFORNIA FREEWAYS,
THE GAS-FILLED TRUCKS
PUT THE GANG
AND OTHER DRIVERS AT RISK.
THESE TRUCKS
ARE EXTREMELY DANGEROUS
DUE TO THE HOMEMADE GAS TANKS
AND THE AMOUNT OF GASOLINE
THEY'RE CARRYING.
Narrator: THE TRUCKS CAN EXPLODE
AT ANY MOMENT.
Hammack: THE WEIGHT OF THE GAS
CAN CAUSE BRAKING PROBLEMS,
THE JERRY-RIGGED PIPES, PUMPS,
AND TANKS OFTEN LEAK,
AND THEIR CARGO MAKES THEM
HIGHLY COMBUSTIBLE,
SO THEY CAN IGNITE ALL AT ONCE.
Narrator: IT'S BEEN ESTIMATED
THAT AT ANY GIVEN TIME,
THERE ARE 20 TO 30
OF THESE DEADLY BLADDER TRUCKS
DRIVING DOWN L.A. FREEWAYS
AND SIDE STREETS.
ON DECEMBER 7, 2014,
THE L.A. TASK FORCE
GETS A BREAK IN THE CASE.
THE GPS
THE TASK FORCE HAD INSTALLED
ON A GANG MEMBER'S CAR TRACKS
THE UNSUSPECTING CRIMINALS
TO A CASINO,
WHOSE SURVEILLANCE FOOTAGE
ALLOWS FOR THE SUSPECTS
TO BE IDENTIFIED.
10 MONTHS LATER,
NAZAR DANIYELYAN
AND ANTHONY TNGRYAN,
ALONG WITH SIX OTHERS,
ARE CHARGED WITH FEDERAL FRAUD
AND IDENTITY THEFT.
AUTHORITIES HOPE THAT
WITH NEW SECURITY MEASURES,
THESE KINDS OF CRIMES
WILL DISAPPEAR.
Hilbert:
TECHNOLOGY AND THE PROCESSES
HAVE CHANGED DRAMATICALLY.
GAS COMPANIES HAVE CHANGED
THE WAY WITH WHICH
THE CARD-PAYMENT DEVICE
IS INSTALLED.
SOME HAVE INSTALLED
SHRIEKING ALARMS
IF YOU TRY TO MESS WITH THEM.
Narrator: FOR THEIR PART,
CREDIT-CARD COMPANIES
HAVE INCREASED WHAT ARE CALLED
"VELOCITY CHECKS."
THIS IS WHERE AN ALERT
IS TRIGGERED IF THE SAME CARD
IS USED TO BUY
MANY FULL TANKS OF GAS
AT MORE THAN ONE LOCATION
ON THE SAME DAY.
NEW CREDIT-CARD CHIP TECHNOLOGY
WILL ALSO MAKE IT HARDER
TO COUNTERFEIT CARDS.
SO, AS CHIP-ENABLED READERS
ARE SLOWLY INSTALLED
AT GAS PUMPS ACROSS THE U.S.,
THE POSSIBILITY OF THIS
KIND OF FRAUD WILL DECREASE.
BIG-BOX STORES ARE NO MATCH
FOR A GIFTED 21st-CENTURY HACKER
ON A SHOPPING SPREE
FOR CREDIT-CARD NUMBERS.
Elfrink: FOR THIEVES TRYING
TO GET CREDIT-CARD INFORMATION
FROM A BIG COMPANY, THIS WAS AN
ABSOLUTELY GENIUS NEW TECHNIQUE.
Narrator: CAREER CRIMINALS
FUSE OLD-FASHIONED KNOW-HOW
AND ENGINEERING EXPERTISE
TO MAKE OFF
WITH OVER $75 MILLION
WORTH OF DRUGS.
Sferrazza: IT WAS THE LARGEST
PHARMACEUTICAL THEFT
IN THE HISTORY
OF THE UNITED STATES.
Narrator: AND A CREDIT-CARD
SKIMMER ALLOWS THIEVES TO STEAL
SO MUCH GAS,
THE RESULTS CAN BE DEADLY.
Man: THEIR CARGO MAKES THEM
HIGHLY COMBUSTIBLE,
SO THEY CAN IGNITE ALL AT ONCE.
[ EXPLOSION ]
Narrator: TECHNOLOGY...
IT'S A NEW, WIDE-OPEN WILD WEST
WITH ENDLESS POSSIBILITIES.
FROM HIGH-TECH HEISTS
TO REAL-LIFE HACKS
TO THE REACHES OF CYBERSPACE,
TECHNOLOGY IS THE LATEST WEAPON
IN THE WAR BETWEEN
MODERN-DAY CROOKS
AND CUTTING-EDGE COPS.
IN THE WRONG HANDS,
TECHNOLOGY CAN BE CRIMINAL.
ONE EARLY VERSION
OF THE INTERNET
WAS DEVELOPED BY
THE U.S. DEPARTMENT OF DEFENSE
IN THE 1960s.
BY THE 1980s, IT WAS NO LONGER
A MILITARY TOOL,
AND ADVANCES IN COMPUTING
TECHNOLOGY PAVED THE WAY
FOR THE WORLD WIDE WEB.
FAST-FORWARD A DECADE,
AND THE INTERNET
HAS TRANSFORMED
THE FACE OF BANKING AND RETAIL,
WITH CREDIT-CARD
AND OTHER FINANCIAL INFORMATION
TRAVELING ACROSS THE WEB
AT LIGHTNING SPEED.
AS THE INTERNET BECOMES
MORE ACCESSIBLE,
INEVITABLY, CYBER CRIME IS BORN.
IN 1995, A MAJOR
U.S. GOVERNMENTAL AGENCY
IS HACKED BY A 14-YEAR-OLD
NAMED ALBERT GONZALEZ.
Elfrink: HE HAD IN HIS SPARE TIME,
UNBEKNOWNST TO HIS PARENTS
OR ANYONE ELSE,
HACKED INTO NASA'S MAINFRAME,
NOT FOR ANY PARTICULAR REASON...
JUST TO SHOW HE COULD DO IT,
AS SORT OF, YOU KNOW,
SOMETHING A REBEL KID MIGHT DO.
Hilbert:
IT WAS TRACKED BACK TO HIM.
HE WAS APPROACHED BY THE FBI,
AND HE WAS ASKED IN ESSENCE
WHAT WAS HE DOING.
Narrator:
WHAT HE'S DOING
IS TESTING
THE SYSTEM AND TESTING HIMSELF.
Elfrink:
ALBERT GONZALEZ WAS REALLY
YOUR TYPICAL BLUE-COLLAR KID
IN MIAMI.
HE GOT HIS FIRST PC
WHEN HE WAS 12.
HE WOULD TAKE IT APART
IN HIS BEDROOM
AND PUT IT BACK TOGETHER.
IT WAS EVIDENT THAT HE HAD
A REBEL STREAK.
HE WAS ONLY 14 YEARS OLD
THE FIRST TIME
THE FBI PAID HIM A VISIT.
HE WAS JUST A KID, SO THEY SAID,
"YOU KNOW, LOOK,
WE DON'T WANT TO CHARGE YOU
WITH A CRIME IN THIS CASE.
IF YOU HELP US UNDERSTAND
HOW YOU GOT INTO NASA,
WE'LL LET THIS THING GO."
Hilbert: THEY OFFERED HIM
AN OPPORTUNITY TO HELP
WITH THE IDEA THAT
THAT WOULD MAYBE REFORM HIM,
GET HIM ON THE RIGHT PATH
DOWN THE ROAD.
Elfrink:
HE DIDN'T REFORM.
HE WENT RIGHT BACK
TO DOING WHAT HE'D ALWAYS DONE,
AND THAT REALLY SET UP
THE PATTERN
FOR HOW'D HE BEHAVE
THE REST OF HIS LIFE.
Narrator: EVEN THOUGH
HE'S BEEN WARNED BY THE FBI,
ALBERT DOESN'T STOP HACKING.
TO HIDE HIS IDENTITY,
HE USES AN ALIAS.
FOR AS FAR AS I CAN REMEMBER,
HACKERS HAVE USED PSEUDONYMS.
THEY USE NICKNAMES.
IT'S PART OF YOUR IDENTITY.
IT IS SORT OF PROTECTION.
OBVIOUSLY, IF YOU'RE GONNA BE
BREAKING THE LAW,
YOU DON'T WANT TO GET ONLINE
WITH YOUR REAL NAME.
ALBERT ACTUALLY WENT BY
THE NICKNAME OF "SOUPNAZI."
SO AS HE TRAVELED THE INTERNET,
AS HE EXPLORED AND MET PEOPLE,
THEY KNEW ALBERT AS SOUPNAZI,
NOT AS ALBERT GONZALEZ.
Hilbert: HE HANGS OUT WITH THE
VARIOUS DIFFERENT ONLINE CREWS
THAT ARE OUT THERE, ONE OF WHICH
BEING THE KEEBLER ELVES.
THE KEEBLER ELVES AND OTHER
GROUPS LIKE THEM COLLECT DATA
THAT THEY CAN EITHER SELL
OR PROFIT FROM.
THEY GET THE TAG "BLACK HAT,"
BECAUSE THEIR WHOLE PURPOSE
IS TO DO ILLEGAL ACTS.
ALL HACKERS ARE TESTING SYSTEMS,
LOOKING FOR VULNERABILITIES
OR WEAKNESSES.
WHITE HAT HACKERS
USE THAT INFORMATION FOR GOOD,
AND BLACK HATS
USE THEM FOR BAD.
Monsegur: THESE ARE THE GUYS
THAT ARE BREAKING INTO NETWORKS,
BREAKING INTO BANKS,
SOCIAL ENGINEERING,
YOUR PASSWORD, BREAKING INTO
YOUR BANK ACCOUNT,
SKIMMING YOUR CREDIT CARDS.
THESE ARE WHAT PEOPLE
USUALLY CALL "THE BAD GUYS."
Narrator:
AND ALBERT'S ON HIS WAY
TO BECOMING A FULL-FLEDGED
BLACK HAT,
EVEN AS A TEENAGER.
Elfrink: WITHIN A COUPLE YEARS
OF THIS NASA BREAK-IN,
HE WAS ALREADY STEALING
CREDIT CARDS ONLINE.
Hilbert:
HE GETS CAUGHT UP IN A SCHEME
WHERE HE'S UTILIZING
STOLEN CREDIT CARDS
THAT HE HAS CLONED
TO EXTRACT MONEY
FROM AN ATM MACHINE.
THE LOCAL P.D. PICKS HIM UP,
THEY DON'T KNOW
WHAT TO DO WITH HIM.
BECAUSE IT'S CREDIT CARDS,
THEY CALL THE SECRET SERVICE.
Narrator: THE SECRET SERVICE
INVESTIGATES FINANCIAL CRIMES
INCLUDING COUNTERFEITING,
FORGERY,
AND CREDIT-
AND DEBIT-CARD FRAUD.
ALBERT MAY BE YOUNG,
BUT HE'S LEARNED
FROM HIS NASA HACK THAT HIS
COMPUTER SKILLS ARE VALUABLE.
HE SAID,
"YOU GUYS DROP THE CHARGES,
AND I'LL HELP YOU WITH
WHATEVER YOU NEED HELP WITH."
SO THE SECRET SERVICE
TAKES ADVANTAGE OF THAT.
Narrator: THEY BRING HIM ON
AS A PAID INFORMANT.
Elfrink: THEY ACTUALLY OFFERED
HIM A FULL-TIME JOB, BASICALLY,
TO BE A HACKER IN RESIDENCE
TO HELP THEM
WITH OTHER
ONLINE-CRIME OPERATIONS.
AND HE AGREED.
WHAT THE FEDS DIDN'T KNOW
IS THAT JUST HAS HE ALWAYS HAD,
ALBERT GONZALEZ VERY QUICKLY
WENT BACK TO ILLEGAL OPERATIONS
ON THE INTERNET.
Narrator:
ALBERT RECRUITS A GROUP
OF HACKER FRIENDS TO JOIN HIM,
MOST OF WHOM HE MET ONLINE.
THEY INCLUDE BEST FRIEND
AND BRILLIANT CODER
STEPHEN WATT.
Elfrink: AND WITH THESE FRIENDS,
THEY BEGAN CONCOCTING SOME IDEAS
OF HOW TO STEAL CREDIT CARDS
AND MAKE MONEY OFF OF IT...
...AND EVEN GAVE
THEIR CRIMINAL PLAN
A SOMEWHAT JOKING NICKNAME OF
"OPERATION GET RICH
OR DIE TRYING."
Narrator: THE OPERATION
HAS ONE SIMPLE GOAL.
Hilbert: THEY WERE PLANNING
ON STEALING CREDIT CARDS
AND MAKING A GREAT DEAL
OF MONEY OFF OF IT.
THEY BEGAN BY WARDRIVING,
AND WARDRIVING
IS DRIVING AROUND, LITERALLY,
AND IDENTIFYING
OPEN WI-FI NETWORKS
THAT YOU CAN LOG ON TO
AND STEAL THE INFORMATION
FROM WITHIN THEIR COMPUTERS.
BACK THEN, WARDRIVING WAS
A LITTLE BIT COMPLICATED.
THE ROUTERS AT THE TIME
HAD WEAK SIGNALS, WEAK ANTENNAS,
AND SO IF YOU WANTED
TO BE A SUCCESSFUL WARDRIVER,
YOU HAD TO GO OUT THERE
WITH ALL SORTS OF GADGETS.
AS PART OF THE WARDRIVING
PROCESS, YOU HAVE TO BE CLOSE
TO THE WI-FI SIGNAL ITSELF,
WHICH IS WHY YOU WOULD BE PARKED
IN THE PARKING LOT
OF THE RETAIL STORE
THAT MIGHT HAVE A WI-FI SIGNAL.
Narrator: IN 2004,
THE TECHNOLOGY
IS STILL IN ITS INFANCY.
Elfrink: THIS WAS AT A TIME
WHEN WI-FI WAS FAIRLY NEW.
COMPANIES HAD JUST BEGUN
INSTALLING IT
IN THEIR BUILDINGS,
AND A LOT OF THEM DIDN'T HAVE
MUCH SECURITY AROUND IT.
Monsegur: YOU'RE LOOKING FOR SIGNALS
WITH WEAK ENCRYPTION ALGORITHMS
THAT YOU COULD CRACK
AND BREAK INTO RELATIVELY EASY.
Narrator: ALBERT AND HIS CREW
TARGET WI-FI SIGNALS FROM STORES
THAT USE THEIR NETWORKS
TO SEND FINANCIAL INFORMATION
FROM THE POINT-OF-SALE DEVICE
TO THEIR COMPANY'S HEAD OFFICE.
THE NEXT STEP IS TO FIGURE OUT
HOW TO TAP IN.
Elfrink: ONCE THEY'VE
GOTTEN INTO THE SYSTEM
OF A BIG RETAILER,
THEY WOULD BURROW RIGHT INTO
THE PART OF THE SYSTEM
THAT STORED
CONSUMER INFORMATION,
THE INFORMATION THAT
ANYBODY LEFT OVER ANY TIME
THEY BOUGHT GOODS
WITH A CREDIT CARD.
Monsegur:
NOW THAT HE'S IDENTIFIED
A POTENTIAL WI-FI NETWORK
TO TARGET,
THE NEXT STEP IS TO LOOK AT
AND UNDERSTAND ITS ENCRYPTION.
WHAT KIND OF MECHANISMS
OR AUTHENTICATION SYSTEMS
ARE THEY USING TO SAFEGUARD
THE WI-FI NETWORK
FROM THE REST OF THE POPULACE?
Jiggetts:
ENCRYPTION IS SIMPLY
TAKING INFORMATION
THAT MAKES SENSE
AND SCRAMBLING IT UP
SO IT BECOMES GIBBERISH.
COMPUTERS USE AN ENCRYPTION
ALGORITHM, A SET OF STEPS,
TO TURN PLAIN TEXT,
WHICH IS REAL INFORMATION,
INTO CIPHERTEXT,
OR THE GIBBERISH.
TURN CIPHERTEXT BACK INTO
THE REAL INFORMATION
CAN ONLY BE DONE
BY DECRYPTING IT,
AND DECRYPTION DEPENDS ON
FINDING AN ABSOLUTELY
ESSENTIAL PIECE
OF INFORMATION CALLED A KEY.
Narrator:
WITH THE RIGHT KEY,
ALBERT CAN ACCESS
EVERYTHING ON THE NETWORK.
Monsegur: SO, ONCE ALBERT
LOGS IN TO THE NETWORK,
HE'S ABLE TO LOOK FOR WEAKNESSES
IN THE REST OF
THEIR INFRASTRUCTURE.
THE DIFFERENCE IS
HE'S NO LONGER ON THE OUTSIDE.
NOW HE'S ON THE INSIDE.
ALBERT IS REALLY LOOKING
FOR CREDIT-CARD DETAILS...
THE FULL NUMBERS,
EXPIRATION DATES...
WHICH WOULD ALLOW HIM OR ANYONE
TO CHARGE THE CREDIT CARD
OR EVEN CLONE THE CREDIT CARD.
ON THE BACK OF A CREDIT CARD,
THERE'S A MAGNETIC STRIP,
AND WITHIN THAT STRIP,
THERE ARE ACTUALLY THREE TRACKS.
TRACK ONE IS INFORMATION
AS IT RELATES TO
THE CARD AND THE MANUFACTURER.
TRACK TWO
IS THE PERSONAL INFORMATION
ABOUT THE ACTUAL CARD NUMBER
AND WHO THE OWNER IS AND
WHAT THE EXPIRATION DATE IS.
AND TRACK THREE
IS ADDITIONAL INFORMATION.
WHAT ALBERT NEEDED
WAS TO TRACK TWO DATA
BECAUSE THAT INFORMATION
CAN BE THEN USED
TO CREATE FAKE
OR CLONED CREDIT CARDS.
Narrator:
BUT NOT ALL OF THE INFORMATION
ALBERT AND HIS CREW GATHERS
IS VALUABLE.
Elfrink: ONE PROBLEM THEY'D
ENCOUNTERED WITH WARDRIVING
IS WHEN THEY WOULD STEAL
THESE CREDIT CARDS,
USUALLY A DECENT PERCENTAGE
OF THEM WOULD BE OLD.
YOU KNOW, THEY'D BE EXPIRED,
THEY'D BE TRANSACTIONS
FROM YEARS AGO,
BASICALLY SOMETHING
YOU COULDN'T RESELL.
Narrator: IT'S NOT THE ONLY
SHORTCOMING WITH WARDRIVING.
Jiggetts:
THE DATA-DOWNLOADING PROCESS
IS SLOW AND CONSPICUOUS.
ALBERT OR HIS CREW MEMBERS
SIT IN THE PARKING LOT
FOR HOURS DOWNLOADING DATA.
WHEN HE SITS IN THE PARKING LOT
FOR THAT LONG,
HE'S DRAWING ATTENTION
TO HIMSELF,
SO HE'S FACING A RISK
BY DOING THAT.
Narrator: AND IT'S A RISK ALBERT
CAN NO LONGER AFFORD TO TAKE,
SO HE COMES UP
WITH A HIGH-TECH PLAN.
Elfrink: THEY WERE ABLE TO STEAL
MILLIONS AND MILLIONS
OF CURRENT
CREDIT-CARD TRANSACTIONS.
♪♪
Narrator: IN THE EARLY DAYS
OF WIRELESS INTERNET,
CYBER-CRIMINALS ARE QUICK
TO EXPLOIT ITS WEAKNESSES,
EVEN AS SECURITY
LAGS FAR BEHIND.
23-YEAR-OLD HACKER
AND PAID
SECRET SERVICE INFORMANT
ALBERT GONZALEZ AND HIS CREW
ARE STEALING ACCOUNT INFORMATION
FOR THOUSANDS OF CREDIT CARDS.
IT'S AN ESPECIALLY RISKY CRIME
WHEN YOU ALSO WORK FOR
THE FEDERAL GOVERNMENT.
ALBERT WANTS A BETTER WAY TO
STEAL QUALITY CREDIT-CARD DATA
WITHOUT THE DANGERS OF LOOKING
FOR WI-FI SIGNALS
OUT IN THE OPEN.
HE COMES UP WITH A PLAN.
ALBERT ASKS A CREW MEMBER
TO CREATE A COMPUTER PROGRAM
CALLED A SNIFFER.
THEY INSTALL IT ON SITE,
THEN REMOTELY ACCESS
THE DATA IT GATHERS.
ON AN NETWORK, YOU HAVE TRAFFIC
GOING BACK AND FORTH
BETWEEN COMPUTER AND SERVER,
AND A SNIFFER IS INSTALLED
SOMEWHERE ON THE NETWORK.
AND IT'S JUST LISTENING.
IT'S CAPTURING ALL THE TRAFFIC
GOING BETWEEN, BACK AND FORTH.
IT'S JUST SITTING THERE
GRABBING ALL THIS INFORMATION.
THE SNIFFER REACHERS BEYOND
THE STORE'S COMPUTERS
INTO THE PARENT COMPANY'S
CORPORATE DATABASE.
THEN IT COLLECTS ONLY CHARGE-
CARD DATA ON RECENT PAYMENTS.
IT ENCRYPTS THE DATA
IT COLLECTS,
AND AUTOMATICALLY SENDS IT
TO ALBERT'S COMPUTER
VIA THE WEB.
Hilbert: NOW THEY COULD JUST
INSTALL THIS PROGRAM,
DRIVE AWAY,
AND AT NIGHT,
ALL OF THE INFORMATION
THAT THE SNIFFER COLLECTED
WOULD BE TRANSMITTED
TO THE COMPUTER
THAT THEY WERE SITTING AT,
AND THEY CAN SORT THROUGH IT
AT THEIR LEISURE.
Jiggetts: BECAUSE THE DATA'S
ONLY COLLECTED
ON RECENTPAYMENTS,
HE KNOWS IT'S ALL MARKETABLE.
FOR THIEVES TRYING TO GET
CREDIT-CARD INFORMATION
FROM A BIG COMPANY,
THIS WAS AN ABSOLUTELY GENIUS
NEW TECHNIQUE.
THEY WERE ABLE TO STEAL MILLIONS
AND MILLIONS OF CURRENT
CREDIT-CARD TRANSACTIONS.
Narrator:
WITH A NEW PLAN OF ATTACK,
ALBERT LOOKS TO CAPITALIZE
EVEN MORE
ON HIS CYBER CRIMES
BY FINDING NEW BUYERS.
HE BEGINS HIS SEARCH
BY VISITING A SECRET
AND OBSCURE PART OF THE INTERNET
KNOWN AS THE DARK WEB.
Jiggetts: THE SURFACE WEB
IS WHAT EVERYDAY USERS USE...
FINDING STUFF ONLINE.
THE DEEP WEB GOES EVEN FURTHER
WHERE YOU'RE NOT FINDING
THESE THINGS BY SEARCHES.
YOU HAVE TO KNOW
WHAT TO LOOK FOR,
MAYBE BY I.P. ADDRESS.
THE DARK WEB IS A NETWORK
OF COMPUTERS AND SYSTEMS
THAT WORK TOGETHER.
AND THEY'RE MORE PRIVATE.
THEY'RE A LITTLE BIT
MORE ANONYMOUS,
AND THEY'RE A LITTLE
BIT MORE SECURE.
ANYONE CANNOT JUST
JOIN THE DARK WEB.
YOU'D HAVE TO KNOW SOMEBODY
THAT CAN VET YOU.
YOU CAN'T JUST, LIKE,
GO KNOCKING ON THE FRONT DOOR,
SAY "HEY, I WANT TO JOIN
THE DARK WEB.
CAN YOU LET ME IN?"
Narrator: ALBERT SOON FINDS
WHAT HE'S LOOKING FOR.
Elfrink: ALBERT'S BIGGEST BUYER
THAT HE CONNECTED WITH
FOR THIS STOLEN
CREDIT-CARD INFORMATION
WAS A GUY IN UKRAINE
NAMED MAKSYM YASTREMSKIY.
Hilbert: HE CONNECTED WITH
YASTREMSKIY VIA THE DARK WEB.
Elfrink: HE WAS VERY WELL-KNOWN
AS ONE OF THE BIGGEST
CREDIT-CARD THIEVES
IN THE WORLD,
BUT HE OPERATED
IN UKRAINE IN A PLACE
WHERE HE HAD PROTECTION
FROM CORRUPT OFFICIALS.
HE FELT LIKE HE COULD BASICALLY
OPERATE ALMOST OUT IN THE OPEN.
AFTER ALBERT AND HIS FRIENDS
WOULD STEAL CREDIT-CARD DATA
FROM BIG COMPANIES,
THEY WOULD SEND IT
ELECTRONICALLY
TO MAKSYM YASTREMSKIY
IN UKRAINE.
MAKSYM WOULD BUY
THIS INFORMATION IN BULK.
Narrator: YASTREMSKIY THEN SELLS
BUNDLES OF THIS INFORMATION
ONLINE TO BUYERS
AROUND THE WORLD.
Hilbert: AND THERE'S ONLY
A COUPLE WAYS TO CONVERT
STOLEN CREDIT-CARD DATA
INTO CASH.
ONE IS TO ACTUALLY CREATE
NEW CREDIT CARDS WITH THAT,
CLOSE THOSE CREDIT CARDS,
AND THEN USE THOSE TO GO TO ATMs
OR TO SELL THE CARDS THEMSELVES
TO OTHER INDIVIDUALS ONLINE.
THE OTHER WAY IS
TO ACTUALLY GO AHEAD
AND MAKE PURCHASES
WITH THAT INFORMATION.
YOU'D MAKE THOSE PURCHASE
AT VARIOUS ONLINE STORES,
YOU WOULD THEN IN TURN
SELL THOSE ON THE REGULAR MARKET
AND UTILIZE THE CASH THAT YOU
MADE FROM THOSE TYPES OF SALES.
ONCE THAT MONEY WAS CREATED,
IT WOULD GO TO YASTREMSKIY.
NOW, HE NEEDED
TO BE ABLE TO TRANSFER THAT
TO ALBERT IN SUCH A WAY
THAT ALBERT COULD TAKE IT OUT
IN A CASH FORM.
IT'S NOT LIKE YOU'RE JUST
GONNA GO AHEAD AND SAY
"I'M GONNA SEND IT
FROM BANK 'A' TO BANK 'B.'"
THERE ARE VARIOUS
DIFFERENT WEBSITES THAT ALLOW
FOR THE USE OF CRYPTOCURRENCIES.
YOU ARE GIVEN A WALLET
THAT HAS NO INFORMATION
ABOUT WHO YOU ARE.
YOU CAN NAME IT
IN ANYBODY'S NAME,
YOU CAN PUT ANYTHING
YOU WANT AROUND IT.
WHAT'S IMPORTANT
IS THE WALLET INFORMATION,
AND THAT WALLET
HAS A SPECIALIZED CODE.
AND WHAT THEY WOULD DO
IS AN ONLINE TRANSFER
FROM ONE WALLET TO THE OTHER.
SO IN OTHER WORDS, FROM WALLET
XYZ123 TO WALLET ABC123.
WHEN YOU'RE LOOKING AT THAT FROM
A LAW-ENFORCEMENT PERSPECTIVE
OR FROM AN OUTSIDE PERSPECTIVE,
ALL YOU SEE IS THE ABC123.
YOU CAN'T FIND
THE INFORMATION BEHIND IT,
WHO THE ACTUAL OWNER IS,
AND THIS IS HOW MONEY WOULD BE
TRANSFERRED BACK AND FORTH.
Narrator: DESPITE ALL OF
ALBERT'S HIGH-TECH DECEPTIONS,
THE CREDIT-CARD COMPANIES
START TO NOTICE
FRAUDULENT TRANSACTIONS.
THAT'S WHEN THE SECRET SERVICE
GOT INVOLVED.
Narrator:
BUT WITH CYBER CRIMES,
THE CRIMINAL COULD BE ANYWHERE
OR ANYONE.
THEY WERE COMING IN BLIND,
AND THEY DIDN'T KNOW
WHERE TO TRY TO GET AT
THE THIEVES IN THIS OPERATION.
Narrator:
WHILE THEY HAVE NO IDEA
THAT THE MAIN THIEF
THEY'RE AFTER WORKS FOR THEM,
THE SECRET SERVICE HAS ANOTHER
CREDIT-CARD FRAUD CASE
WITH A KNOWN SUSPECT...
MAKSYM YASTREMSKIY.
Elfrink:
HE WAS A NAME THEY KNEW.
HE WAS A GUY THEY KNEW.
Narrator: THE SECRET SERVICE
KNOWS HIM AS A GO-BETWEEN.
Elfrink: THEY KNEW THAT
THIS WAS THE MIDDLE MAN.
THEY KNEW THIS GUY WAS
DEALING WITH ALL OF THIS DATA.
IF THEY COULD FIGURE OUT
WHERE HE WAS BUYING IT FROM,
THEY COULD WORK THEIR WAY BACK
TO THE THEFT IN THE FIRST PLACE.
Narrator: MEANWHILE, 23-YEAR-OLD
ALBERT TAKES FULL ADVANTAGE
OF THE MONEY COMING IN.
ALBERT VERY QUICKLY BEGAN TO
LIVE BASICALLY LIKE A ROCK STAR.
HE HAD TAKEN THIS
9:00 TO 5:00 JOB WITH THE FEDS
AND WAS BASICALLY
A BUTTON-UP, NORMAL CITIZEN.
THAT CHANGED VERY QUICKLY
AS THE PROFITS STARTED COMING IN
FROM OPERATION GET RICH
OR DIE TRYING.
HE BOUGHT HIMSELF A NEW BMW,
RINGING UP
MULTI-THOUSAND-DOLLAR BILLS
AT HOTELS AND CLUBS.
PART OF THE THRILL FOR ALBERT
WAS BEING A DOUBLE AGENT
AND PLAYING BOTH SIDES
OFF OF EACH OTHER.
ANY HINT HE HAD THAT HE WAS
STILL TRYING TO HELP THE FEDS,
TRYING TO PLAY ON
THE RIGHT SIDE OF THE LAW,
IS TOTALLY OUT THE WINDOW.
AS TIME WENT ON
AND THE CASH STARTED COMING IN,
I THINK THIS BECAME ABOUT GREED
FOR ALBERT.
HE NEEDED MONEY, AND REALLY,
BY THIS POINT IN HIS CRIME,
HE WAS A THIEF MUCH MORE THAN
HE WAS ANYTHING ELSE.
Narrator:
AND THIS THIEF
WANTS TO TAKE HIS HACKS
TO THE NEXT LEVEL.
THE SNIFFER PROGRAM
IS AN EFFECTIVE TOOL,
BUT ALBERT MUST STILL GO THROUGH
A RETAIL STORE'S
WIRELESS NETWORK
TO INITIALLY GET INTO
THE PARENT COMPANY'S DATABASE.
IT'S TOO LIMITING.
WHAT THIS AMBITIOUS HACKER WANTS
IS TO ATTACK A DATABASE
FROM OUTSIDE THE RETAIL STORE'S
WIRELESS NETWORKS.
HE TARGETS
THE INFRASTRUCTURE ITSELF.
Elfrink:
NO ONE HAD REALIZED
THAT THE LANGUAGE
WAS SO VULNERABLE
TO A HACKER GETTING INTO
THE MAIN SYSTEM ITSELF.
IT WAS A NEW RECORD
FOR CREDIT-CARD THEFT.
♪♪
Narrator:
11 YEARS AFTER BREAKING INTO
NASA'S MAINFRAME AS A TEENAGER,
THE NOW 25-YEAR-OLD HACKER
AND SECRET SERVICE EMPLOYEE
ALBERT GONZALEZ
HAS A SUCCESSFUL SIDELINE
OF STEALING
AND SELLING
CREDIT-CARD INFORMATION.
BUT GATHERING THAT INFORMATION
MEANS HACKING INDIVIDUAL STORES
AND THEIR WI-FI NETWORKS
ONE AT A TIME.
HE'S READY TO EXPAND
HIS BUSINESS.
HE WANTS TO GO A LITTLE BIT
MORE WIDESPREAD,
AND HE WANTS TO DO IT
PRETTY QUICKLY.
HIS SNIFFER PROGRAM IS ONLY
BRINING HIM INFORMATION
FROM INDIVIDUAL STORES.
HE ACTUALLY WANTS
ALL OF THE DATA.
Narrator: HE COMES UP
WITH AN AMBITIOUS HACK
THAT DOESN'T RELY ON PROXIMITY
TO A STORE'S WI-FI NETWORK.
Monsegur: WHAT THIS DOES IS
IT GIVES ALBERT AN OPPORTUNITY
TO PROTECT HIS SECURITY,
PROTECT HIMSELF
AND HIS OPERATION
SO THAT HE'S AT THIS POINT
NO LONGER SEEN
ON ANY CCTV CAMERAS
OR BY SECURITY GUARDS.
Narrator: HE AND HIS EXPERT
HACKING CREW DECIDE TO TARGET
A FUNDAMENTAL ELEMENT
OF THE WEB ITSELF...
ONE OF IT'S PROGRAMMING
LANGUAGES, SQL.
SQL, WHICH IS
"STRUCTURED QUERY LANGUAGE,"
IS A PROGRAMMING LANGUAGE
WHICH IS USUALLY TIED
TO A DATABASE,
WHICH IS A BACK END
TO MANY WEB APPLICATIONS
OR WEBSITES.
Monsegur: IT'S KIND OF
AN OLD-SCHOOL DATABASE,
WHICH ALLOWS YOU
TO STRUCTURE YOUR DATA
SO THAT IT'S EASIER TO QUERY.
THEY WERE ABLE TO USE
THAT LANGUAGE TO CORRUPT IT,
TO HACK IT,
TO GET AT THE INFORMATION
THAT PEOPLE WERE SUBMITTING,
THEIR CREDIT-CARD INFORMATION.
Jiggetts: ALBERT IS ABLE TO
ACCESS THE DATABASE IN A WAY
THAT HE'S TRICKING THE DATABASE
INTO ACCEPTING
MALICIOUS COMMANDS.
EVENTUALLY,
ONE OF THE COMMANDS STOOD.
IT EXECUTED, AND IT PROVIDED
ALBERT THE OPPORTUNITY
TO PULL INFORMATION
OUT OF THE DATABASE.
Jiggetts:
WHICH ALLOWS HIM
TO GET ALL THIS CREDIT-CARD DATA
OVER THE WEB.
SO NOW HE DOESN'T HAVE TO BE
ON THEIR NETWORK.
ONCE ALBERT AND HIS CREW CRACK
SQL, ALSO KNOWN AS "SEQUEL,"
THEY INSTALL A MODIFIED VERSION
OF THEIR SNIFFER PROGRAM.
NO ONE HAD REALIZED THAT SEQUEL,
THE LANGUAGE BEING USED
TO COMMUNICATE
WHEN YOU WOULD
BUY SOMETHING ONLINE,
WAS SO VULNERABLE TO A HACKER
GETTING INTO
THE MAIN SYSTEM ITSELF.
BESIDES MAJOR RETAIL CHAINS,
ALBERT EVEN HACKS INTO
A CREDIT-CARD PROCESSING FIRM.
THIS GIVES HIM ACCESS TO WELL
OVER 100 MILLION CREDIT CARDS.
Elfrink: THIS WAS VERY CURRENT
DATA THAT THEY COULD SELL
WITHOUT HAVING TO WORRY
THAT THESE WERE EXPIRED.
IT WAS REALLY ANOTHER
STROKE OF GENIUS
THAT ALBERT AND HIS CREW
REALIZED
THEY COULD USE THIS LANGUAGE
OF THESE WEBSITES
TO GET AT
A WHOLE OTHER BATCH OF DATA.
IT WAS A NEW RECORD
FOR CREDIT-CARD THEFT.
Narrator:
ALBERT'S CREDIT-CARD SCHEME
IS TAKING UP SO MUCH OF HIS TIME
THAT HIS WORK
FOR THE SECRET SERVICE SUFFERS.
WHILE THEY STILL DON'T SUSPECT
THAT HE'S HACKING,
IN EARLY 2008,
THEY LET HIM GO.
AROUND THE SAME TIME,
THEIR SURVEILLANCE
OF ALBERT'S CREDIT-CARD BUYER,
UKRAINIAN CYBER CRIMINAL
MAKSYM YASTREMSKIY, PAYS OFF.
Elfrink:
THEY CAUGHT A BREAK.
AFTER MONTHS OF INVESTIGATING
MAKSYM, HE LEFT THE UKRAINE.
HE WENT ON VACATION
TO A RESORT IN THE MIDDLE EAST.
AGENTS WERE ABLE
TO TAIL HIM THERE.
WHILE HE WAS ACTUALLY
OUT PARTYING AT THIS RESORT,
THEY WERE ABLE
TO GET INTO HIS HOTEL ROOM
AND COPY THE HARD DRIVE
OFF OF HIS LAPTOP
WITHOUT HIM KNOWING
WHAT HAD HAPPENED.
THIS WAS THE KEY BREAK
IN THE CASE.
MAKSYM HAD TURNED OUT TO BE
AN AMAZING RECORD KEEPER.
HE HAD RECORDS
OF ALL OF HIS TRANSACTIONS,
OF ALL OF THE SALES
OF STOLEN CREDIT-CARD DATA,
AND THEIR CHALLENGE NOW
WAS TO UNRAVEL IT.
HE USED CODE NAMES,
HE USED NUMBERS
INSTEAD OF NAMES FOR HIS BUYERS
AND HIS SELLERS.
ONE OF THE NUMBERS ENDED UP
LINKING TO AN E-MAIL ADDRESS,
AND THAT E-MAIL ADDRESS
WAS SOUPNAZI@ A SERVER.
THE WORD "SOUPNAZI"
LIT LIGHT BULBS.
RIGHT AWAY,
THE FEDS MADE A CONNECTION.
Narrator: IT'S SOMEONE THEY KNOW
VERY, VERY WELL.
Elfrink:
ANYONE WHO HAD EVER WORKED
IN ONLINE CRIME
OR WITH ALBERT GONZALEZ
WOULD RECOGNIZE
THE NAME SOUPNAZI IMMEDIATELY.
THE CASE UNRAVELED
PRETTY QUICKLY
AFTER THEY RECOGNIZED
THE SOUPNAZI CONNECTION.
FEDERAL AGENTS SWOOPED IN,
BUT THEY COULDN'T FIND
ALBERT GONZALEZ.
THEY DIDN'T KNOW
WHERE HE WAS HIDING.
THEY KNEW
THEY HAD TO GET HIM QUICKLY.
THEY KNEW HE HAD FAKE PASSPORTS
AND LIKELY COULD TRY
TO GET OUT OF THE COUNTRY.
Narrator: BUT ALBERT
HASN'T SKIPPED THE COUNTRY.
THE NOW 26-YEAR-OLD IS DOING
WHAT HE LOVES MOST... PARTYING.
Elfrink: HE WAS HIDING
IN THE LUXURY SUITE
AT A HOTEL IN SOUTH BEACH.
HE HAD A BEAUTIFUL WOMAN
WITH HIM, $22,000 IN CASH,
AND SEVERAL LAPTOPS.
AND THEY ARRESTED HIM
THAT MORNING.
THOSE KIND OF MISTAKES
ARE VERY PREVALENT
IN MANY
OF THESE CYBER-CRIMINAL CASES.
A LOT OF HACKERS
HAVE BEEN ARRESTED
BECAUSE THEY HAVE MADE MISTAKES,
WHETHER IT WAS OUT OF VANITY
OR SOME SORT OF GREED.
Narrator:
OVER A FOUR-YEAR PERIOD,
ALBERT AND HIS CREW MANAGED
TO HACK OVER 100 MILLION
CREDIT-CARD ACCOUNTS.
Elfrink: IT TOOK MONTHS
TO UNRAVEL JUST HOW MUCH DAMAGE
ALBERT AND HIS CREW HAD DONE.
THE ESTIMATES WERE
A COMBINED MINIMUM
$400 MILLION LOSS
BETWEEN THE LEGAL FEES,
THE SECURITY COSTS,
AND THE ACTUAL DAMAGE THAT
THEY HAD DONE TO THEIR SYSTEMS.
AT HIS PARENTS' HOUSE,
ALBERT HAD ACTUALLY
BURIED A PLASTIC TUB
IN THEIR BACKYARD.
INSIDE THE TUB WAS
MORE THAN $1 MILLION IN CASH.
ALBERT GONZALEZ
ENDED UP SENTENCED
TO 20 YEARS IN FEDERAL PRISON.
IT'S ONE OF THE LONGEST
SENTENCES EVER HANDED DOWN
FOR ONLINE CRIME.
Narrator: CODER STEPHEN WATT
IS SENTENCED TO TWO YEARS.
Elfrink: CORPORATE
SECURITY EXPERTS WILL TELL YOU
THAT THEY LEARNED A LOT
FROM ALBERT'S CRIMES
AND FROM HOW MANY CREDIT CARDS
HE WAS ABLE TO STEAL.
FIRST WI-FI SYSTEMS
SECURITY WAS TIGHTENED,
THEN THEY WERE ABLE TO CLOSE
THE LOOPHOLE THROUGH SQL.
Narrator: THE SECRET SERVICE
DOES NOT COMMENT ON THE ROLES
OF PAID INFORMANTS,
BUT IT'S THOUGHT THAT THEY ARE
MONITORED MORE CLOSELY NOW.
THE SIMPLE FACT IS THAT
THERE'S ALWAYS
GOING TO BE VULNERABILITIES,
AND WHEN THERE'S AS MUCH MONEY
TO BE MADE
FROM STEALING CREDIT CARDS,
THERE'S ALWAYS GONNA BE
SOMEBODY OUT THERE
TRYING TO FIND THOSE WEAKNESSES.
Narrator: FROM THE DARK WEB
TO THE BLACK MARKET,
CRIMINALS ARE ALWAYS
ON THE LOOKOUT
FOR HIGH-VALUE TARGETS.
THE STREET VALUE
OF PRESCRIPTION DRUGS
CAN BE JUST AS ATTRACTIVE
AS CREDIT-CARD INFORMATION.
[ SIREN WAILS ]
ON SUNDAY MARCH 14, 2010,
ENFIELD, CONNECTICUT, POLICE
ARE SUMMONED TO A PHARMACEUTICAL
COMPANY WAREHOUSE
ON THE OUTSKIRTS OF TOWN.
IT'S A DISTRIBUTION CENTER
FOR THE ENTIRE EAST COAST.
Narrator:
THE 70,000-SQUARE-FACILITY
HOUSES COSTLY MEDICINES
LIKE ANTIDEPRESSANTS,
CANCER-FIGHTING DRUGS,
AND ANTIPSYCHOTICS,
WHICH ARE DISTRIBUTED
UP AND DOWN
THE EASTERN SEABOARD.
IT'S A SIGNIFICANT BUILDING.
Narrator:
AND IT'S BEEN ROBBED
OF $60 MILLION WORTH
OF PHARMACEUTICALS.
IT WAS THE LARGEST
PHARMACEUTICAL THEFT
IN THE HISTORY
OF THE UNITED STATES.
Narrator: THIS KIND OF HEIST
COULD ONLY BE PULLED OFF
BY HIGH-TECH CAREER CRIMINALS
WITH A SPECIALTY
IN ALARM SYSTEMS.
THE TWO BROTHERS THAT WERE
THE LEAD IN THIS OPERATION
WAS AMED AND AMAURY VILLA.
THIS IS A SOPHISTICATED,
INTERNATIONAL CARGO-THEFT RING
BASED OUT OF MIAMI, FLORIDA.
Narrator:
THE CONNECTICUT FACILITY
IS SOPHISTICATED, AS WELL,
WITH ELABORATE SECURITY.
THE WAREHOUSE IS PROTECTED
BY AN EXTENSIVE SECURITY SYSTEM
THAT INCLUDES TAMPER ALARMS
ON SECURITY ELECTRONICS,
MOTION DETECTORS,
AND ALARMS
ON EVERY DOOR AND WINDOW.
Narrator: THE SYSTEM IS THOUGHT
TO BE SO GOOD THAT THE EXTERIOR
OF THE WAREHOUSE ITSELF
HAS LIMITED SECURITY FEATURES.
Sferrazza:
THERE WAS NO EXTERIOR FENCES.
THERE WERE NO SECURITY
GUARDS ON THE PREMISES.
Narrator: THE REAL TECH
SECURING THE WAREHOUSE
IS CONTROLLED FROM WITHIN.
THE NERVE CENTER OF
THIS HIGH-TECH SECURITY SYSTEM
IS THE INTRUSION ALARM PANEL.
THIS INTRUSION ALARM PANEL
COORDINATES, ANALYZES,
AND ACTS ON ALL THE ELECTRICAL
AND DIGITAL CONNECTIONS FROM ALL
THE DETECTORS IN THE WAREHOUSE.
IT IS ESSENTIALLY A BOX WHERE
ALL THE ALARMS WOULD GO TO.
IF YOU WERE TO CUT A CCTV FEED,
THIS IS WHERE
YOU WOULD WANT TO DO IT.
IF YOU NEED TO CUT OFF
GROUND COMMUNICATIONS,
THIS IS WHERE
YOU WOULD WANT TO DO IT.
SO, THAT PANEL ITSELF
HAS TO BE SECURED, AS WELL.
YOU CAN'T JUST OPEN IT UP
AND START PULLING PLUGS ON IT.
IF IT'S OPENED UP,
IT SETS OFF AN ALARM.
Sferrazza: THE ALARM PANEL IS THE
BRAINS OF THE SECURITY SYSTEM,
BUT IT IS VULNERABLE
IF IT'S COMPROMISED IN ANY WAY.
Narrator:
TO GET TO THE PANEL,
THE THIEVES HAVE TO
GET INTO THE WAREHOUSE.
Hammack: THE ESSENTIAL STEP
IN THE VILLA BROTHERS' PLAN
IS TO CUT ALL COMMUNICATION
BETWEEN THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
Narrator: BUT THEY HAVE TO
DODGE SECURITY FIRST.
♪♪
Narrator: CAREER CRIMINALS AMED
AND AMAURY VILLA HAVE MADE OFF
WITH $60 MILLION
IN PRESCRIPTION DRUGS
IN A WEEKEND HEIST
FROM A WAREHOUSE
IN ENFIELD, CONNECTICUT.
A HIGH-TECH ROBBERY OF THIS
MAGNITUDE COULD ONLY BE DONE
AFTER MONTHS PREPARATION
BY THE BROTHERS.
I WOULD DESCRIBE THIS ROBBERY
AS METICULOUS.
THEY OBVIOUSLY PUT
A LOT OF TIME INTO PLANNING.
THEY DID A LOT OF RESEARCH
OF ALL THE SECURITY MECHANISMS
IN PLACE.
IT'S A SURPRISE
THAT IT EVEN TOOK PLACE.
IT WAS JUST
A SOPHISTICATED ATTACK.
Sferrazza: WE BELIEVE
THEY HAD DONE SURVEILLANCE.
THEY WERE LOOKING TO SEE
THE LOCATION OF THE FACILITY,
PEDESTRIAN AND VEHICLE TRAFFIC,
DAYS OF WEEK, TIME OF ACTIVITY.
BECAUSE THE VILLA BROTHERS
WHERE CAREER CRIMINALS,
THEY KNEW WHAT TO LOOK FOR.
THEY KNEW HOW TO SEARCH ONLINE
AND IDENTIFY PLANS
FOR THE BUILDING.
THEY KNEW HOW TO LOOK
AT THE VARIOUS
DIFFERENT SECURITY SYSTEMS
THAT WERE PUT IN PLACE
THAT WERE VISIBLE
OUTSIDE OF THE WAREHOUSE
AND IDENTIFY THE MAKERS,
THE NAMES, THE BRANDS,
AND THINGS OF THAT NATURE,
AND THEY DID THEIR RESEARCH.
Narrator: AFTER COMPLETING
THEIR EXTENSIVE RESEARCH,
THE TECH-SAVVY CRIMINALS
ARE READY TO EXECUTE THEIR PLAN.
Sferrazza:
IT WAS A SATURDAY NIGHT.
THERE WAS NOBODY WORKING
AT THAT TIME.
THEY CLIMBED UP ONTO THE ROOF.
Narrator:
THE BROTHERS' RESEARCH REVEALED
THAT THE ROOF
ABOVE THE CONTROL ROOM
ISN'T ADEQUATELY PROTECTED
BY SECURITY CAMERAS.
THEY WERE FAMILIAR WITH HOW
THESE BUILDINGS ARE CONSTRUCTED
AND BY THE VISUAL SIGHT
OF THE BUILDING
COULD DETERMINE
WHERE THE CONTROL ROOM
AND THE ALARM PANELS
WERE LOCATED.
THEY HAD BROUGHT TOOLS
AND WERE ABLE TO CUT
AN OPENING INTO THE ROOF.
Narrator: BUT BEFORE THE THIEVES
CAN DISABLE THE ALARM PANEL
INSIDE THE WAREHOUSE,
THERE IS ONE THING THEY MUST DO.
THE ESSENTIAL STEP
IN THE VILLA BROTHERS' PLAN
IS TO CUT ALL COMMUNICATION
BETWEEN THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
THAT WAY, THEY CAN TRIP
ANY ALARM THEY WISH,
BUT IT WON'T MATTER.
THE INTRUSION PANEL'S
PRIMARY METHOD OF COMMUNICATING
WITH THE OUTSIDE WORLD
IS BY TELEPHONE LAND LINES.
IF THE HARD LINE
INTO THE BUILDING ARE CUT,
THE SYSTEM WILL AUTOMATICALLY
DEFAULT OVER
TO A CELLULAR OR
A MOBILE-DEVICE COMMUNICATION.
BY CUTTING THIS,
THEY CAN CUT THAT ABILITY
FOR THAT COMMUNICATION
TO GO OUT, AS WELL.
DISABLING THE CELLPHONE MEANS
THAT ONCE
THE VILLA BROTHERS
ENTER THE CONTROL ROOM
AND DISABLE THEIR LAND LINES
IN THE INTRUSION PANEL,
THERE'LL BE
NO COMMUTATION BETWEEN
THE INTRUSION PANEL
AND THE OUTSIDE WORLD.
Narrator:
WITH THE CELLPHONE CUT OFF,
THE VILLA BROTHERS
ENTER THE WAREHOUSE,
READY TO TACKLE THE LAND LINE.
Sferrazza: THE POINT OF ENTRY
WAS ABOVE THE CONTROL ROOM.
THEY DROPPED THE ROPES DOWN
AND REPELLED FROM THE ROOF
INTO THE CONTROL ROOM.
Narrator: THE INTRUSION PANEL
IS ONLY A FEW FEET AWAY.
♪♪
BUT THE BROTHERS
KNOW BETTER THAN TO MOVE.
THE AREA NEXT TO THE ENTRANCE
TO THE CONTROL ROOM
WITH THE INTRUSION PANEL
IS PROTECTED
BY A MOTION DETECTOR.
Narrator:
BUT THE VILLA BROTHERS'
MONTHS OF RESEARCH HAS REVEALED
THAT THE MOTION DETECTOR
GUARDING THE INTRUSION PANEL
HAS A LIMITED RANGE.
THEY KNEW THAT THE ALARM SYSTEMS
HAVE THESE DETECTORS
THAT ONLY GO OUT FIVE FEET.
Narrator: MEANING THEY CAN GET
VERY CLOSE BEFORE TRIGGERING
THE MOTION-DETECTOR SENSOR.
Hammack: THE MOTION DETECTOR
ON THE CONTROL ROOM'S WALL
USES AN INFRARED SENSOR
TO DETECT INFRARED ENERGY.
Hilbert: INFRARED IS BASICALLY
THE HEAT WAVES
THAT YOU GIVE OFF ON YOUR BODY.
THE INFRARED SENSOR WORKS
BY NOTING CHANGES IN THE AMOUNT
OF INFRARED HEAT ENERGY.
WHEN IT DETECTS
A SUBSTANTIAL INCREASE
IN THE AMOUNT
OF INFRARED ENERGY,
IT SENDS AN ALARM
TO THE INTRUSION PANEL.
Narrator: BUT THE VILLA BROTHERS
HAVE A TRICK TO BEAT IT.
IF YOU MOVE VERY SLOWLY
AND YOU CAN SHIELD YOUR BODY
FROM THE DETECTOR ITSELF,
BEHIND STYROFOAM PANELS,
YOU CAN FOOL IT INTO BELIEVING
THAT THERE'S BEEN
NO CHANGE IN THE HEAT,
AND THAT'S EXACTLY
WHAT THE VILLA BROTHERS DO.
THEY UTILIZE A ROOM DIVIDER,
AND THEY MOVE VERY SLOWLY
SO THERE'S NO SPIKE IN HEAT.
THEY MAKE THEIR WAY
TO THE INTRUSION PANEL
WITHOUT TRIGGERING
THE MOTION DETECTOR.
Narrator: NEXT STEP,
DISARMING THE INTRUSION PANEL.
Jiggetts:
THE TAMPER SWITCH IS PLACED
IN THE UPPER-LEFT CORNER.
IT'LL SOUND THE ALARM
AS SOON AS THE PANEL DOOR OPENS.
BUT AMED MANAGES TO KEEP
THE TAMPER ALARM INTACT
BY PEELING AWAY THE PANEL DOOR.
Narrator: THE BROTHERS HAVE
ALREADY DISABLED THE CELLPHONE.
NOW ONLY THE POWER CABLE
AND LAND LINE REMAIN.
Jiggetts: IF AMED DISCONNECTS
THE WRONG CABLES,
HE MAY TRIP ANOTHER ALARM.
THE ONLY WAY THE VILLA BROTHERS
WOULD REALLY KNOW
THEY'D MADE A MISTAKE
IS IF THE POLICE SHOW UP.
BUT AMED HAS DONE HIS HOMEWORK.
HE DISCONNECTS THE PHONE LINES
WITHOUT ANY PROBLEMS.
Sferrazza: THIS WASN'T
THEIR FIRST TIME OUT.
THEY HAD EXPERIENCE
KNOWING WHICH WIRES TO CUT.
Narrator:
LEAVING THE BROTHERS FREE
TO CLEAR OUT THE WAREHOUSE.
THE BROTHERS LOAD OVER $60
MILLION OF PRESCRIPTION DRUGS
INTO THE TRUCK
THEY HAD PARKED OUTSIDE.
Sferrazza: THEY WERE FREE
TO OPERATE AT EASE.
THEY FELT NO RUSH,
AND THEY BEGAN, THEN,
TO USE A FORKLIFT TO LOAD UP
40 PALLETS OF THESE DRUGS.
Narrator: THERE'S ONLY ONE THING
THEY DIDN'T ACCOUNT FOR.
Sferrazza: WHEN THE THIEVES
CUT THE ALARM SYSTEM
AND THE PHONE LINES,
THAT TRIGGERED WHAT WE CALL
A COMMUNICATION FAILURE
TO THE ALARM COMPANY.
COMMUNICATION FAILURE
IS NOT AN INTRUSION ALARM.
IT JUST IS LETTING
THE COMPANY REP KNOW
THAT IT COULD BE A LOW BATTERY
OR SOMETHING'S GONE WRONG
WITH THE COMMUNICATION.
AND THERE'S CONSTANT
COMMUNICATION, BACK AND FORTH,
TO THE MONITORING COMPANY.
IT IS A CONTINUOUS,
"ARE YOU THERE?"
"YES, I'M THERE."
"ARE YOU THERE?
"YES, I'M THERE."
Sferrazza:
THEY LEFT A MESSAGE
ON THE ANSWERING MACHINE
OF THE COMPANY REPRESENTATIVE.
THIS IS LIKE
4:00 IN THE MORNING NOW.
THEY CALLED HER A SECOND TIME,
SO AROUND NOON TIME
ON MARCH 14th,
WHEN THE COMPANY REP
WENT INTO THE ELI LILLY...
AND THAT'S WHEN SHE NOTIFIED
THE AUTHORITIES.
Narrator: THEIR CAREFUL RESEARCH
DID NOT ACCOUNT
FOR THE COMPANY REP
SHOWING UP ON A SUNDAY.
THE BROTHERS ARE ON THE RUN,
BUT THEY DON'T HAVE
AS MUCH TIME AS THEY THINK.
THE NAIL IN THE COFFIN
IS THE DNA.
♪♪
Narrator: AFTER CAREER CRIMINALS
DEFEAT THE HIGH-TECH SECURITY
INSIDE
A PHARMACEUTICAL WAREHOUSE
AND MAKE OFF WITH
$60 MILLION WORTH OF DRUGS,
THE LOCAL POLICE ARE NOTIFIED.
Hilbert: THE POLICE SHOW UP,
AND THEY SECURE THE LOCATION...
THE WAREHOUSE AND AROUND IT.
Sferrazza: THE FORENSIC PART
OF THIS INVESTIGATION
STARTED WITH COLLECTING
THE EVIDENCE IN THE ROOM.
Hilbert: THIS INCLUDES TAKING
PICTURES OF THE GROUNDS AROUND IT,
LOOKING FOR FOOTPRINTS,
LOOKING FOR ANYTHING
THAT SEEMS JUST OUT OF PLACE
FOR THE WAREHOUSE
AS IT SHOULD HAVE BEEN
WHEN IT CLOSED UP
ON FRIDAY OR SATURDAY.
♪♪
Narrator:
ONE THING OUT OF THE ORDINARY
IS A COLLECTION OF TOOLS
ON THE ROOF.
Sferrazza:
THE THIEVES HAD LEFT
ABOUT 12 TO 14 SEPARATE PIECES.
Narrator: IT'S NOT
THE ONLY EVIDENCE THEY FIND.
Sferrazza: ONE OF OUR DETECTIVES
DID SPOT A WATER BOTTLE.
IT VERY EASILY
COULD HAVE BEEN WRITTEN OFF
AS JUST AN EMPTY WATER BOTTLE,
BUT THE DETECTIVE
DID THE RIGHT THING.
HE PHOTOGRAPHED IT, PUT IT IN
THE PROPER EVIDENCE CONTAINER.
Narrator: THE BOTTLE IS SENT OUT
FOR FORENSIC TESTING.
Hilbert: THE WATER BOTTLES
ARE THE KEY HERE,
BECAUSE IF
THEY WERE WEARING GLOVES,
THEY DIDN'T LEAVE
ANY FINGERPRINTS,
BUT IF THEY DRANK
OUT OF THE WATER BOTTLES,
THEY'RE GONNA LEAVE DNA.
Narrator:
WHILE THE DNA IS BEING ANALYZED,
POLICE FOCUS ON THE TOOLS.
Sferrazza: OUR LEAD DETECTIVE
TOOK THESE TOOLS,
WAS ABLE TO TRACK THEM BACK
TO ONE PARTICULAR
NATIONAL DISTRIBUTOR,
WHO THEN WAS ABLE
TO SEARCH THEIR DATABASE
AND FIND THAT THESE TOOLS
IN THIS COMBINATION
WERE ONLY SOLD ONE TIME THE DAY
BEFORE THE ROBBERY
IN FLUSHING, NEW YORK,
RIGHT NEXT TO LaGuardia AIRPORT.
JUST ABOUT EVERY PRODUCT
SOLD IN RETAIL STORES
HAS A SKU,
OR STOCK KEEPING UNIT.
IT'S A SPECIFIC CODE ASSIGNED
TO ITS PRODUCTS BY THE RETAILER.
ALL THE SKU PRODUCT INFORMATION,
AS WELL AS THE DATE
AND TIME OF SCAN
AND THE STORE'S LOCATION,
ARE ENTERED
INTO THE STORE'S DATABASE
AND CAN BE EASILY RETRIEVED.
Hilbert: THEY CONNECT THAT UP
WITH THE CCTV CAMERA FEEDS
FOR THIS STORE,
AND THEY'RE ABLE
TO IDENTIFY THE CAR
OF THE INDIVIDUALS RESPONSIBLE
FOR BUYING THESE TOOLS.
THEY EXTRACT THE LICENSE PLATE
FROM THAT CAR
AND SEE THAT IT'S ACTUALLY
A RENTAL CAR.
Narrator: WHEN POLICE TRACK IT
BACK TO THE RENTAL AGENCY,
THEY COME UP WITH A NAME...
AMAURY VILLA.
Hilbert: WHILE DOING
THAT RENTAL APPLICATION,
THE VILLA BROTHER
WOULD HAVE PROVIDED
HIS DRIVER'S LICENSE
WITH HIS PICTURE ON IT.
THE COPS GET A COPY
OF THIS DRIVER'S LICENSE
WITH HIS PICTURE
AND ARE ABLE TO MATCH
THAT PARTICULAR PICTURE UP
WITH THE CCTV CAMERA FOOTAGE
FROM THE WAREHOUSE
AND SEE THAT, IN FACT,
IT IS ONE OF THE VILLA BROTHERS.
BEING ABLE TO IDENTIFY
THE CAR OF THE DRIVER
IS ONE PIECE IN THE PUZZLE,
BUT THE NAIL IN THE COFFIN
IS THE DNA.
YOUR DNA IS WHAT GIVES YOU YOUR
BLUE EYE COLOR OR YOUR RED HAIR,
SO COLLECTING THE DNA
AT THIS SITE
AND THEN COLLECTING THE DNA
OF THE POTENTIAL SUSPECTS...
YOU CAN DO A ONE-TO-ONE MATCH
AND IDENTIFY
IF THEY WERE, IN FACT,
THE PEOPLE THAT WERE THERE.
ONCE THE DNA EVIDENCE HAS COME
BACK FROM THE WATER BOTTLES,
THEY WERE ABLE TO MATCH IT UP
WITH THE VILLA BROTHERS,
AND THEREFORE,
THEY HAVE THEIR CASE.
I DON'T BELIEVE
THERE IS A PERFECT CRIME.
THE VILLA BROTHERS JUST MADE
ONE OR TWO MISTAKES
OUT OF THE 100 DECISIONS
THEY HAD TO MAKE.
Narrator:
BUT THAT WAS ENOUGH.
AMED AND AMAURY ARE SERVING TIME
FOR THE ROBBERY
OF OVER $60 MILLION
OF PRESCRIPTION DRUGS.
THEY RECEIVED FROM
SEVEN TO EIGHT YEARS IN PRISON.
Narrator: AMAZINGLY, ALL OF
THE STOLEN DRUGS WERE RECOVERED.
HAVING LEARNED A HARD LESSON,
THE PHARMACEUTICAL COMPANY
TAKES DECISIVE ACTION
TO MAKE SURE
THIS DOESN'T HAPPEN AGAIN.
THEY IMMEDIATELY BEGAN TO HIRE
OFF-DUTY POLICE OFFICERS
FOR SECURITY,
AND THEN THEY ERECTED
A PRETTY FORMIDABLE FENCE NOW.
AND THEY ALSO MADE SIGNIFICANT,
COMPREHENSIVE CHANGES
TO THEIR SECURITY SYSTEMS.
Hilbert: PHARMACEUTICAL
COMPANIES ACROSS THE COUNTRY
REVAMPED THEIR
SECURITY MEASURES.
WHATEVER CHANGES
THEY HAVE MADE HAVE RESULTED IN
NO SIMILAR PHARMACEUTICAL THEFTS
IN RECENT HISTORY.
Narrator: ON THE OTHER SIDE
OF THE COUNTRY,
AN L.A.-BASED CRIME SYNDICATE
KNOWN AS ARMENIAN POWER
IS TWISTING TECH TO ITS OWN ENDS
AS IT BRANCHES OUT
FROM TRADITIONAL ROBBERY
AND EXTORTION
TO CREDIT-CARD SKIMMING FRAUD.
THEY'RE RIPPING THE IDENTITIES
OFF FROM INNOCENT VICTIMS,
AND THEN THEY'RE TAKING
THAT INFORMATION,
THEY'RE PUTTING IT INTO OTHER
RE-CODED CREDIT CARDS.
Narrator:
THE FAKE CREDIT CARDS ARE USED
TO BUY ENORMOUS AMOUNTS OF GAS,
WHICH IS THEN RESOLD.
Reporter:
IT IS A DANGEROUS OPERATION.
POLICE CALLED THIS
"A BOMB ON WHEELS."
♪♪
Narrator: A SOPHISTICATED
CREDIT-CARD FRAUD IS MARRIED
WITH OLD-SCHOOL ROBBERY
IN A 21st-CENTURY
MONEY-MAKING SCAM.
THE PLAN IS TO STEAL
CREDIT-CARD ACCOUNT INFORMATION
RIGHT FROM THE GAS PUMPS
WHERE PEOPLE FILL UP THEIR CARS.
THE MASTERMINDS BEHIND THIS PLOT
ARE MEMBERS OF L.A.-BASED
CRIME SYNDICATE ARMENIAN POWER,
EVEN THOUGH THE RUTHLESS GANG
IS BEING WATCHED
BY THE AUTHORITIES.
IN 2008,
THE L.A. FRAUD TASK FORCE,
MADE UP OF THE U.S.
SECRET SERVICE AND THE L.A.P.D.,
IS SET UP TO TRACK ARMENIAN
POWER'S ILLEGAL ACTIVITIES,
WHICH RANGE FROM BANK FRAUD
AND IDENTIFY THEFT
TO VIOLENT EXTORTION
AND KIDNAPPINGS.
Hilbert: ARMENIAN POWER
WAS ACTUALLY TAKEN DOWN
BY A SPECIAL TASK FORCE.
IN 2011, A GREAT NUMBER OF THEM
WERE ACTUALLY ARRESTED
AND PUT INTO JAIL,
BUT THEY WERE CONTINUED
TO BE MONITORED
BECAUSE THAT'S WHAT HAPPENS
WITH GANGS.
Narrator: EVEN WITH MOST
OF THE GANG IN PRISON,
THE TASK FORCE SECRETLY INSTALLS
GPS TRACKING DEVICES
ON THE CAR USED
BY TWO ARMENIAN POWER MEMBERS...
NAZAR DANIYELYAN
AND ANTHONY TNGRYAN.
THE CAR LEADS AGENTS TO TWO
COACHELLA VALLEY GAS STATIONS,
WHERE THEY DISCOVER
ILLEGAL CREDIT-CARD SKIMMERS
AT THE PUMPS.
A SKIMMER IS A DEVICE
THAT READS THE MAGNETIC STRIP
OFF OF A CREDIT CARD.
ILLEGAL SKIMMERS ARE DEVICES
THAT ARE PLACED IN LOCATIONS
WHERE THEY LOOK TO BE PART
OF THE EQUIPMENT AS IT EXISTS.
THE SKIMMER THEN COLLECTS
THE CREDIT-CARD INFORMATION.
Narrator: THE SKIMMERS
HAD BEEN THERE FOR WEEKS,
SECRETLY INSTALLED BY THE GANG.
THIS IS HOW ARMENIAN POWER
DID IT...
AFTER PARKING LARGE VANS
BY THE PUMPS
TO BLOCK THE VIEW OF CCTVs
AND GAS-STATION EMPLOYEES,
GANG MEMBERS INSTALLED
SKIMMER DEVICES ON THE PUMPS.
SOME SKIMMERS ARE HOMEMADE,
MADE WITH PARTS PURCHASED
AT ELECTRONIC STORES,
INCLUDING CIRCUIT BOARDS,
SOLDERING EQUIPMENT, GLUE GUNS,
ELECTRICAL TAPE, AND WIRES.
THE SKIMMERS STEAL, COPY,
AND STORE CREDIT-CARD DATA
FROM CARDS USED TO PAY FOR GAS.
THIS SCAM ITSELF ISN'T NEW,
BUT HOW THE DATA IS COLLECTED
HAS BEEN UPGRADED.
THE GANG NOW USES
BLUETOOTH TECHNOLOGY
TO TRANSMIT INFORMATION
OVER RADIO WAVES
INSTEAD OF HAVING TO RETRIEVE
THE SKIMMERS THEMSELVES
OR HARDWIRE IN.
Monsegur:
AS TIMES PROGRESSED
AND SCAMMERS
HAVE GOTTEN MORE SOPHISTICATED,
THEY'VE ALSO CREATED
BLUETOOTH SKIMMERS.
BEFORE THEN, ATTACKERS WOULD
HAVE TO BABYSIT THE DEVICE,
AND THEY WOULD HAVE TO
WAIT AROUND,
POTENTIALLY COMPROMISING
THEIR IDENTITY.
NOW THAT WE HAVE
BLUETOOTH-ENABLED SKIMMERS,
THE BAD GUYS
NEVER HAVE TO GO BACK.
WHEN THE CARD GOES IN,
IT AUTOMATICALLY
IS TRANSMITTED TO,
VIA BLUETOOTH, TO ANOTHER
STORAGE DEVICE 100 YARDS AWAY,
AND THE BAD GUYS CAN DRIVE AWAY
WITH THE INFORMATION,
LEAVING HE SKIMMER BEHIND
WITH NO PROBLEM.
Narrator: THE STOLEN DATA IS FED
TO A CLONING DEVICE.
IT'S A MAGNETIC CARD ENCODER,
AND IT PUTS THE DATA
ONTO A BLANK CARD.
Hilbert:
THE MAGNETIC-STRIP ENCODERS
ARE ACTUALLY VERY EASY TO FIND,
BECAUSE MAGNETIC-STRIP ENCODING
IS UTILIZED
ON ALL KINDS
OF DIFFERENT THINGS...
YOUR ACCESS BADGE TO YOUR WORK,
YOUR DRIVER'S LICENSE.
YOU CAN BUY THESE DEVICES
DIRECTLY FROM
THE MANUFACTURER THEMSELVES.
AS YOU USE YOUR CREDIT CARD
TO GO INTO
YOUR LOCAL GAS STATION,
THAT PUMP HAS A SKIMMER ON IT,
AND THAT'S WHAT THEY'VE PLANTED,
THESE SKIMMERS,
AND THEY'RE RIPPING
THE IDENTITIES
OFF FROM INNOCENT VICTIMS.
AND THEN THEY'RE TAKING
THAT INFORMATION,
THEY'RE PUTTING IT INTO OTHER
RE-CODED CREDIT CARDS.
Narrator:
WITH THE RE-CODED CARDS,
THE CRIMINALS BUY GAS,
BUT NOT JUST A TANK FULL.
Reporter: THE SMALLER TRUCKS,
CALLED "BLADDER TRUCKS"...
"BLADDER" BECAUSE OF THE
MAKESHIFT ILLEGAL TANKS INSIDE
USED TO CARRY THE STOLEN DIESEL.
Hammack: THE GANG JERRY-RIGGED
TRUCKS BY HIDING HUGE TANKS,
OR BLADDERS, INSIDE THEM.
THE BLADDERS CAN HOLD
UP TO 500 GALLONS OF FUEL.
A SPECIALIZED
SIPHONING PUMP TRANSFORMS FUEL
FROM THE GAS TANK
INTO THE BLADDER.
Narrator: THE HOMEMADE BLADDER
IS A LARGE, FLEXIBLE CONTAINER
EITHER MADE OF METAL OR PLASTIC
HIDDEN IN THE BACK OF VANS
OR COVERED PICKUP TRUCKS.
THE GANG TAKES AS MUCH FUEL
AS THE PUMP IS AUTHORIZED
TO GIVE TO A SINGLE CARD,
USUALLY $75.
THEN THEY INSERT ANOTHER
CLONED CARD IN THE SAME PUMP.
♪♪
THEY KEEP DOING THIS
UNTIL THE BLADDER TANK IS FULL,
THEN THEY DRIVE IT AWAY
TO RESELL THE STOLEN GAS
TO OTHER GAS STATIONS.
THEY'RE GETTING IT
AT A DISCOUNT,
THEY KNOW IT'S AT A DISCOUNT,
THEY KNOW IT'S STOLEN.
Narrator: AS THEY HEAD DOWN THE
CONGESTED CALIFORNIA FREEWAYS,
THE GAS-FILLED TRUCKS
PUT THE GANG
AND OTHER DRIVERS AT RISK.
THESE TRUCKS
ARE EXTREMELY DANGEROUS
DUE TO THE HOMEMADE GAS TANKS
AND THE AMOUNT OF GASOLINE
THEY'RE CARRYING.
Narrator: THE TRUCKS CAN EXPLODE
AT ANY MOMENT.
Hammack: THE WEIGHT OF THE GAS
CAN CAUSE BRAKING PROBLEMS,
THE JERRY-RIGGED PIPES, PUMPS,
AND TANKS OFTEN LEAK,
AND THEIR CARGO MAKES THEM
HIGHLY COMBUSTIBLE,
SO THEY CAN IGNITE ALL AT ONCE.
Narrator: IT'S BEEN ESTIMATED
THAT AT ANY GIVEN TIME,
THERE ARE 20 TO 30
OF THESE DEADLY BLADDER TRUCKS
DRIVING DOWN L.A. FREEWAYS
AND SIDE STREETS.
ON DECEMBER 7, 2014,
THE L.A. TASK FORCE
GETS A BREAK IN THE CASE.
THE GPS
THE TASK FORCE HAD INSTALLED
ON A GANG MEMBER'S CAR TRACKS
THE UNSUSPECTING CRIMINALS
TO A CASINO,
WHOSE SURVEILLANCE FOOTAGE
ALLOWS FOR THE SUSPECTS
TO BE IDENTIFIED.
10 MONTHS LATER,
NAZAR DANIYELYAN
AND ANTHONY TNGRYAN,
ALONG WITH SIX OTHERS,
ARE CHARGED WITH FEDERAL FRAUD
AND IDENTITY THEFT.
AUTHORITIES HOPE THAT
WITH NEW SECURITY MEASURES,
THESE KINDS OF CRIMES
WILL DISAPPEAR.
Hilbert:
TECHNOLOGY AND THE PROCESSES
HAVE CHANGED DRAMATICALLY.
GAS COMPANIES HAVE CHANGED
THE WAY WITH WHICH
THE CARD-PAYMENT DEVICE
IS INSTALLED.
SOME HAVE INSTALLED
SHRIEKING ALARMS
IF YOU TRY TO MESS WITH THEM.
Narrator: FOR THEIR PART,
CREDIT-CARD COMPANIES
HAVE INCREASED WHAT ARE CALLED
"VELOCITY CHECKS."
THIS IS WHERE AN ALERT
IS TRIGGERED IF THE SAME CARD
IS USED TO BUY
MANY FULL TANKS OF GAS
AT MORE THAN ONE LOCATION
ON THE SAME DAY.
NEW CREDIT-CARD CHIP TECHNOLOGY
WILL ALSO MAKE IT HARDER
TO COUNTERFEIT CARDS.
SO, AS CHIP-ENABLED READERS
ARE SLOWLY INSTALLED
AT GAS PUMPS ACROSS THE U.S.,
THE POSSIBILITY OF THIS
KIND OF FRAUD WILL DECREASE.