How did the Feds catch the notorious Russian computer hacker Roman Seleznev - the person responsible for over 400 point of sale hacks and at least $169 million in credit card fraud? What challenges did the government face piecing together the international trail of electronic evidence that he left? How was Seleznev located and ultimately arrested?
This presentation will review the investigation that will include a summary of the electronic evidence that was collected and the methods used to collect that evidence. The team that convicted Seleznev will show how that evidence of user attribution was used to finger Seleznev as the hacker and infamous credit card broker behind the online nics nCuX, Track2, Bulba and 2Pac.
The presentation will also discuss efforts to locate Seleznev, a Russian national, and apprehend him while he vacationed in the Maldives. The presentation will also cover the August 2016 federal jury trial with a focus on computer forensic issues, including how prosecutors used Microsoft Windows artifacts to successfully combat Seleznev's trial defense.
Norman Barbosa is a former federal prosecutor from the U.S. Attorney's Office for the Western District of Washington in Seattle, Washington. Norman previously led the U.S. Attorney's Office's Computer Hacking and Intellectual Property (CHIP) crimes unit and served as the office's National Security Cyber Specialist.
Harold Chun is a trial attorney with extensive experience investigating and litigating complex computer crimes. Most recently, he was Senior Counsel with the Computer Crime & Intellectual Property Section, Criminal Division, U.S. Department of Justice, where he prosecuted federal computer crimes and intellectual property violations.
Kyle Ehmke is a threat intelligence researcher with ThreatConnect and has eight years of experience as a cyber intelligence analyst previously in the Intelligence Community and within the healthcare sector. Kyle has followed a wide range of cyber threats ranging from the Middle East and Extremists to, more recently, those specifically affecting the healthcare and pharmaceutical sector. He is also actively involved with ThreatConnect's research into Russian election activity and targeted efforts against Bellingcat, WADA, and others.