Albert Gonzalez

Albert Gonzalez

Hacker, founder of the international "carder exchange"
Country: USA

Albert Gonzalez: Hacker and Founder of International Carder Forum

Albert Gonzalez, an American hacker and the founder of the international carder forum ShadowCrew, was sentenced to 20 years in prison for stealing over 170 million credit cards. Born to Cuban immigrants in Miami, Albert Gonzalez developed a passion for computers at a young age, realizing that high technology could bring him substantial profits. However, his criminal inclinations became evident during his school years, where he was known as the leader of local computer enthusiasts.

At the age of 17, Gonzalez came under the radar of the FBI when he and two school friends hacked into government servers in India and left unfavorable comments about Indian culture. Although he received a warning and was banned from using computers for six months, it was clear that Gonzalez's criminal activities were just beginning.

After graduating from high school, Gonzalez moved from Miami to Newark, New Jersey. From the comfort of his home, he became actively involved in the internet, creating the well-known community ShadowCrew and becoming one of its most active members. On ShadowCrew, carders would exchange secrets of success and engage in buying and selling large quantities of stolen credit card data and personal information.

The trading on ShadowCrew operated under a system of trust and market laws. Carders would auction off their stolen data, and in case of any issues, such as blocked credit cards, there would be procedures for exchanges or refunds. According to the FBI, around 4,000 individuals were registered on ShadowCrew, although the actual number of carders was significantly smaller.

The downfall of ShadowCrew came when federal authorities launched an operation and Gonzalez became an informant to avoid criminal charges himself. Working in cooperation with the government, Gonzalez received an annual salary of $75,000. From April 2003 to October 2004, FBI agents closely monitored the activities on ShadowCrew, gathering evidence for arrests. Despite a close call when documents indicating surveillance were leaked on the forum, Gonzalez managed to divert suspicion. On October 26, 2004, 26 of the most active participants in the carder community were arrested, and ShadowCrew ceased to exist.

However, even under investigation, Gonzalez continued his illicit activities. Secretly, he devised a scheme for stealing personal data from retail customers together with a group of accomplices. The criminals gained access to company networks through the analysis of traffic using a specially crafted sniffer program. The data obtained allowed them to remain undetected while accessing sensitive information. Gonzalez would scan the Wi-Fi traffic of store networks from the comfort of his car to find vulnerabilities.

One of the major victims of Gonzalez and his team was the TJX Companies corporation, which owned one of the largest retail clothing store chains in the US, T.J. Maxx. Suspicion fell on TJX in December 2006, after Gonzalez and his accomplices had been working on the company's networks for six months, stealing over 40 million credit card numbers and personal data.

On May 7, 2008, Gonzalez and ten of his associates were arrested by the FBI. Interestingly, the program used to steal data from the retailer's networks was not created by Gonzalez himself but by Stephen Watt, a Morgan Stanley employee in New York known as the "unix-terrorist" in hacking circles. Gonzalez played a central role as the mastermind behind the operation.

During the investigation, it was discovered that Gonzalez was involved in other major card data breaches in recent years. He was implicated in the hacking of Heartland Payment Systems, one of the largest payment processors in the US, as well as the compromise of 7-Eleven ATMs and the Hannaford Bros supermarket chain. In total, data on 135 million credit and debit cards and their owners' identities were stolen and resold on similar platforms to ShadowCrew. The operation among hackers was informally known as "Get rich or die trying."

Unlike many other hackers, Gonzalez was motivated by money rather than a passion for the art. He kept half a million dollars in cash at home, while another million was buried in his parents' backyard. He used his earnings to buy a Miami apartment, a car, multiple Rolex watches, a Tiffany ring for his girlfriend, and other luxuries, which will now be used to compensate for the damages caused. Gonzalez was known for hosting extravagant parties, including one rumored to have cost $75,000.

Faced with overwhelming evidence, Gonzalez had no choice but to plead guilty and cooperate fully with the investigation, revealing the details of his crimes. Otherwise, given his previous experience with law enforcement, he risked a life sentence.

His lawyers argued that their 28-year-old client suffered from autism and internet addiction, committing all his crimes under the influence of LSD, ketamine, and marijuana, claiming that he was not fully aware of his actions. Given the scale of his operations, it was difficult to believe these claims. According to the court's decision, Albert Gonzalez was sentenced to 20 years in prison.

© BIOGRAPHS