Turkish national Ercan Findikoğlu, 32 years old, has alleged links to global cybercrime activity that generated millions of dollars in illicit revenue. He has been linked to the 2012/2013 attacks on EnStage and ElectraCard in India, two payment processing companies, and on partner banks including the the Bank of Muscat, Oman, and the National Bank of Ras Al-Khaima (RAKBANK), UAE.
All told, over $45 million was stolen by using cloned payment cards with stolen PIN codes to withdraw cash from ATM machines all over the world, including from some 140 machines in New York. In February 2013, over 36,000 illicit ATM withdrawals were made within a ten hour time frame.
Findikoğlu is also allegedly linked to a failed heist targeting over a million credit card numbers back in 2008, around the time he was described as the world's "number two hacker."
In August, a regional court approved his extradition to the United States, but now the Bundesverfassungsgerich (Federal Constitutional Court of Germany) has overturned the lower court's decision, citing the "extreme length" of the sentence being threatened by U.S. authorities, and the inclusion of a "conspiracy" charge which is incompatible with German laws.
The potential sentence he could face in the United States is close to 250 years imprisonment.
This doesn't mean he is out of the woods however, as his native Turkey is also seeking his extradition now. He may only face a few years in prison in Turkey.
Sources and Recommended Reading:
German court blocks US extradition for "number two" hacker: nakedsecurity.sophos.com
Originally reported by Der Spiegel in Germany in November.
Written by: James Delahunty @ 5 Dec 2014 8:17