Wednesday, May 14th, 2008
The Arrest of Vladuz: A Team Effort
On Wednesday, May 14, a joint press conference was conducted by General Inspector of Romanian Police, Questor Gheorghe Popa; Directorate for Investigation of Organized Crime and Terrorism (DIICOT), Codrut Olaru; and eBay VP & Chief Information Security Office, Dave Cullinane regarding the the arrest of Vlad Duiculescu (”Vladuz”).
The press conference was an opportunity for eBay to publicly commend and thank the dedication and hard work of Romanian law enforcement in helping bring Vlad to justice.
Following the press conference, I was fortunate to get some time on the phone with Dave Cullinane and his team of security experts to discuss the arrest further. Unfortunately, because the Romanian authorities leading the prosecution have not finalized charges, I was unable to address specific allegations. However, I do plan on pursuing further when that time comes.
I was impressed to learn the extent to which the investigation stretched across many different agencies in different geographies. Dave explained that the arrest was due to a formalized collaboration between eBay and the Romanian General Directorate for Combating Organized Crime, the DIICOT and in cooperation with the US Secret Service and the FBI. In addition to those police agencies, authorities in Romania and the US Department of Justice played significant roles in gathering electronic evidence across multiple jurisdictions.
The eBay Fraud Investigations, Information Security, and Legal teams work in a cross-functional, global capacity and have a current headcount of 50 specialists that have formalized relationships with crime and investigation agencies both in the US and abroad to help investigate cases such as this. Given the intricacies of the relationships formed, I would think that the multi-year investigation, and subsequent arrest, will make for an excellent case study in cybercrime detection - and one that eBay can build upon for future cases.
Cheers,
RBH
Tagged: cyber+attack, cybercrime, ecommerce, fbi, fraud, hacker, romania, vladuz
MechelleOn 05.14.2008 at 11:20 pm Said:
I swear last fall I read on the auction guild that eBay denied the existence of this “cyber criminal”- I don’t know
dimesOn 05.15.2008 at 1:54 am Said:
“Unfortunately, because the Romanian authorities leading the prosecution have not finalized charges, I was unable to address specific allegations.”
He hasn’t been charged yet? What did they arrest him for, throwing PC’s out the window?
SandiOn 05.15.2008 at 1:56 am Said:
I swear last fall I read on the auction guild that eBay denied the existence of this “cyber criminal”- I don’t know
You did, ebay was not been forthcoming on this issue. Even the initial press release after his capture claimed he had been “unsuccessful”.
A Google search will show how unsuccessful.
DaveyOn 05.15.2008 at 9:16 am Said:
Yeah, I dislike these kind of people too. Let me see…
People who disrupt my business and make a business plan hard to execute, who end up with a disparate amount of my profits, whose actions are hidden, mysterious, and who can strike at any time without mercy? People who despise me through their actions? Who deface my auction page space with their own advertisements? Who take and don’t give back? People who brag about being able to do so?
Oops, gotta remember we’re talking about Vladuz here, not eBay management 
Dave_WhiteOn 05.15.2008 at 3:05 pm Said:
On occassion, the more I deal with the public, the more I love my dog!
I am truly bewildered. What possible fault can be found with the concentrated effort of several INTERNATIONAL law enforcement agencies, the security department of at least one and possibly several corporations, all working together to bring to justice an intentional, deliberate threat to the security of the internet?
Yes, I did say the internet, because just as sure as you can sit in front of your computer and type your complaints and concerns about this site, Vladuz or someone smarter than he (he can’t be too awful damned smart, he got caught didn’t he?)has or is doing the same or worse on other sites. This investigation and the tools and techniques used will certainly be of value in future investigations into this type of “terrorism”. Now I know what you are thinking, why in the world is this guy spouting off about terrorism. Look up terrorize in the dictionary. ” To coerce through intimidation” and that is just what Vladuz and others like him are doing.
Oh, and by the way, why you may ask did eBay initally deny the attacks by this CRIMINAL, then acknowledge the attack? When attempting to catch a CRIMINAL, law enforcement like a good poker player NEVER show their hand till all the bets are placed!
By now, you may think I either work for eBay or maybe an avid proponent. Neither is true, infact I more often than not oppose things that eBay does, however being objective is a good thing, and when eBay does something GOOD I support it. THIS WAS AND IS A GREAT EFFORT NOT ONLY BY EBAY BUT THE INTERNATIONAL LAW ENFORCEMENT COMMUNITY AS WELL!
TheBrewsNewsOn 05.15.2008 at 3:09 pm Said:
@Dave,
You might want to check out your URL link in your name. There appears to be a dot-com missing at the end.
Freight88On 05.16.2008 at 7:08 am Said:
This person, even though he broke the law made better security on ebay. There are many hacked accounts but all in all, this person will not be the downfall of ebay
AmberOn 05.16.2008 at 9:30 am Said:
“why you may ask did eBay initally deny the attacks by this CRIMINAL, then acknowledge the attack? ”
It had nothing to do with criminal investigations etc…
it had to do with PR.
REAL police officers DO hold press conferences where they ACKNOWLEDGE the crime(s). They don’t provide details of the investigation, but neither do they deny the crimes happened in the first place.
The repeated denials by ebay about the very existence of this person further tarnished the perception of this company’s truthfulness.
Don’t get me wrong, I’m glad they caught the guy. A criminal is a criminal. I’m glad ebay stepped up and went after him. But I don’t think eBay’s denials were anything but self serving.
MechelleOn 05.16.2008 at 9:45 am Said:
My understanding from reading about the topic on Auction Guild last year is that eBay was denying his existence because he was hacking into the eBay system proving that eBay’s system is not at all safe, and that personal information was easily attained by someone savvy enough in the technology to do it if they wanted to. Again it has been a while since I read about it, but I think that was the gist of it.
So yes Amber, the denial of existence was purely to avoid negative attention and distrust of the clear non-secure site eBay is to someone capable and driven enough to want to hack it and create havoc.
David WombacherOn 05.17.2008 at 12:11 am Said:
I find it hard to believe he acted alone and no one else knows how to do what he was doing. People like him need an audience.
What efforts are underway to find his friends/accomplices?
Thank you,
David Wombacher The Camera Hunter thecamerahunter camerahunter
horsemamaOn 05.18.2008 at 3:36 pm Said:
Given that eBay denied Vladuz did anything, just WHAT are they going to prosecute him for?
SandiOn 05.18.2008 at 4:14 pm Said:
I find it hard to believe he acted alone and no one else knows how to do what he was doing.
That’s an incorrect assumpation. Hackers all over the world can do what he did. Hackers tend to do things for 2 or 3 reasons:
Just prove they can - there are sites hackers post their latest accomplishments.
Anger - made at a specific corporation/organization (Vladuz seem to have a real hard on for ebay)
To steal - either monies/trade secrets.
The bigger the site, the more attacks they seem to get - in part because they represent “the man” so to speak. Any site can be hacked into if one is determined.
That’s the one issue I wish corporations like ebay would be more upfront about. They give the sense of false security. I am sure they rationale it by thinking no one would use the site if they knew it was vulnerable - but in the process they do a disservice.
Take ebay, they denied this guy was breaking into their site (he posted a slew of names, credit card info of ebay users on the trust and safety boards last summer, ebay closed the board down and contacted the users who had data posted). But reality is, there really is nothing ebay or anyone can do if a hacker really wants to get in - users simply need to know that and always use the internet being proactive regarding their data.
If you watch the tech news, you will see that it is much more common than you would think. Hackers normally tend to be loners - programmers by nature tend to be (I base this on being a programmer and owning a multimedia company who employs programmers. My husband and children say I have a warped sense of what is “fun” which is strange given 2 of my children are computer engineers and they share that quality but simply do not recognize it yet.
While hacking into a site is not my idea of fun, I do have fun creating code that lets something happen that someone said “That can’t be done”, or simply seeing magic created with a string of pound signs, quotes and other characters.
A group of 16-20 yr. just were caught over the last few days, they are unique in they were a group, but groups are not typically the norm - or haven’t been. Maybe the new gaming atmosphere of group games will increase the number of hackers joining forces, who knows.
More often than not hackers simply break into a site so they can say “they did it”, it is like a sport and has it’s own unique “followers”. One wonders what they could accomplish if they harnessed their intelligence to do something productive.
possibly several corporations, all working together to bring to justice an intentional, deliberate threat to the security of the internet?
Nothing, it is great news he was caught. Again, my issue is the denials by ebay and corporations like ebay. The general public would be better served to know that no site is invicible.
For example I know that because I am a programmer - I only use the credit card that lets me generate a new card number for each internet transaction. There are available tools for users to use to protect themselves but they need to know they need protecting.
14 Responses on this post. Click to add yours.