Any organization or individual may become a target for cybercriminals. From children to senior citizens, threat actors exploit all kinds of information to their advantage. According to an ongoing investigation, a Russian attacker allegedly stole the personal information of the U.S. Congressional Medal of Honor holders.
The Congressional Medal of Honor award is the U.S. government’s highest and most prestigious military decoration. It was found that the threat actor targeted 22 of 75 living Congressional Medal of Honor recipients and misused their data for fraudulent transactions.
The attacker created a fresh line of credits using the stolen identities to make purchases at the Air Force Exchange Service (AAFES). The fraudulent purchases include luxury watches and Apple products worth tens of thousands of dollars. The hacker allegedly obtained $54,530.92 via 50 separate fraudulent transactions.
“The U.S. Secret Service is currently investigating a matter in which the personally identifiable information (PII) of 22 of 75 living Congressional Medal of Honor recipients was used to create fraudulent lines of credit at the Army and Air Force Exchange Service (AAFES) to purchase items utilizing the newly created fraudulent lines of credit, all in violation of 18 U.S.C. § 1029 (access device fraud),” an affidavit from a Special Agent Matthew O’Neill read.
An Intelligent Device Fraud
The perpetrator shipped the fraudulently obtained goods to various commercial reshipping companies, which were eventually shipped to different locations across Russia. “An individual re-shipper named Kiril Motorin, located in Gaithersburg, MD advised that he became a re-shipper after responding to an employment advertisement on a website used by Russians living in the Washington, DC, area. Motorin provided me e-mails, sent to him from [email protected], which provided Motorin instructions such as where to send the merchandise and on how Motorin would be paid for re-shipping the merchandise,” O’Neill added.