Russian Sentenced To Prison In Credit Card Malware Attacks

January 7, 2013

Preet Bharara

U. S. Attorney Preet Bharara -- about the only thing between you and the bad guys these days.

This is an update of a "Street Sweeper" column published on January 18, 2012.

I mean, geez, is it me or doesn't it seem like Preet Bharara is  the only U.S. Attorney who is waging war against the bad guys?

Virtually every day there seems to be some commendable Indictment emanating from his office at the Southern District of New York, or, even more importantly, his team seems to be extracting guilty pleas or winning jury verdicts.  After years of self-serving publicity from far too many state and federal prosecutors whose main goal seemed self aggrandizement and posturing for a future political career, it's refreshing to watch a consummate professional prosecutor discharge his duties with class and savvy.

Take a look inside your wallet. Take a hard look at your Visa, Mastercard, American Express, or Discover cards. They look good - right?  You're pretty sure that you've kept the card information confidential. In fact, you're extra careful about using those account numbers online.  Okay, listen, sit down - you're not gonna like what I have to tell you.

In May 2007, Russian citizens  VLADIMIR ZDOROVENIN, 54; and his son KIRILL ZDOROVENIN were indicted under seal.  On March 27, 2011, Vladimir Zdorovenin was apprehended in Zurich, Switzerland, and thereafter extradited to the U.S.,.  He arrived in New York on January 16, 2012. Kirill Zdorovenin remains at large.

On January 17, 2012 , Bharara announced the unsealing of a nine-count criminal Indictmentcharging the Zdorovenins with:

  • conspiracy,
  • mail fraud,
  • wire fraud,
  • computer fraud,
  • aggravated identity theft, and
  • securities fraud.

NOTE: The charge and allegations contained in the Indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law

The Indictment alleges that between 2004 and 2005, the Zdorovenins stole victims' personal identification information, including credit card numbers. This was purportedly accomplished  through the use of malware computer programs that were surreptitiously installed on victims' computers and recorded the user's keystrokes. In addition to stealing information through compromised computers, the Zdorovenins are also charged with purchasing stolen credit card numbers.

Once in possession of the purloined credit card information, the Zdorovenins allegedly made fraudulent purchases  of goods from multiple phony websites (which they had set up), and, thereafter, forwarded the payments from those bogus sites to bank accounts that they controlled inRussia and Latvia.

Moreover, the Zdorovenins allegedly used the Internet to unlawfully access victims' financial services accounts located in the United States and then transferred (or attempted to transfer) hundreds of thousands of dollars from those accounts to their Russian and Latvian bank accounts. The victims' online brokerage accounts were allegedly used by the Zdorovenins to buy and sell thousands of shares of certain companies' stock in an effort to manipulate the prices of those stocks. The Indictment alleges that the Zdorovenins realized profits through this scheme by simultaneously purchasing or selling shares of the same stocks through their own online brokerage account, maintained in the name of Rim Investment Management, Ltd.

Vladimir Zdorovenin faces  a maximum sentence of 142 years in prison in connection with the charges.


In February 2012,  Vladimir Zdorovenin pled guilty to one count of conspiracy to commit wire fraud and one count of wire fraud. On January 4, 2013, he was sentenced to three years in prison, and ordered to  forfeit up to $1 million and pay restitution in an amount to be determined.

Kirill Zdorovenin remains at large.