Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Loner ran site for stolen card details

Wesley Johnson,Sam Marsden,Press Association
Thursday 14 January 2010 10:14 EST

A loner with a modest lifestyle ran a secretive website where criminals traded information from stolen credit cards causing tens of millions of pounds of losses.

Renukanth Subramaniam helped to run the virtual criminal community DarkMarket, which was shut down by an undercover FBI officer after a two-year global investigation.

The site featured breaking news-style updates on the latest compromised information, enabling criminals to trade credit card information and other personal details.

Subramaniam, 33, was remanded in custody by a judge at Blackfriars Crown Court in London at his own request today after earlier pleading guilty to conspiracy to defraud and five counts of furnishing false information.

Subramaniam owned three houses which he rented out, but had no fixed address and stayed with different friends in suburban London areas including Wembley and Ilford.

In the real world he was "a very quiet man" with no previous convictions who worked in dead-end jobs, according to investigators.

But online, as JiLsi, he was key to the website's success.

He joined the site on the day it launched in November 2005 and was heavily involved in running it.

A senior source close to the inquiry said: "If not the top, he's one of the highest that is involved because of what he's managed to achieve in setting up a global forum for 2,000 members across Europe and America to commit fraud and work together.

"No JiLsi, no DarkMarket."

Undercover officers from the security services and the FBI - using the online nicknames MastrSplyntr and sockaddr - infiltrated the website, posing as criminals, in 2006, a spokesman for the Serious Organised Crime Agency (Soca) said.

JiLsi sent sockaddr details of credit cards that had been compromised at a petrol station in Portsmouth. The undercover agent did not make use of them, but the losses on these cards totalled about £10,500, police said.

They said it was hard to put a figure on the total losses caused to individuals and the banking industry by DarkMarket, but added that they ran into the tens of millions of pounds.

DarkMarket was the number one English-language website for trading stolen financial information such as credit card details, police said.

Set up in 2005 after an earlier forum called the ShadowCrew was shut down, fraudsters in the UK, US, Canada, Germany, France, Turkey and Russia managed the "very sophisticated" site, police said.

It offered criminals a secure payment system, training and an arbitration service. It even sold advertising space to fraudsters.

But there were certain rules - to avoid drawing unnecessary attention, users were banned from trading in firearms, illegal drugs and counterfeit money, and they were not interested in child pornography.

A police source said: "DarkMarket wanted to have a good reputation amongst the criminal fraternity.

"If everyone kept ripping each other off, as happened on other forums, the reputation of DarkMarket would fall down.

"JiLsi was instrumental in ensuring that as many transactions as possible took place in a secure way."

Police said "reputation was all" for the criminals who used DarkMarket, although it was a case of honour among thieves.

Russell Tyner, a prosecutor from the Crown Prosecution Service's organised crime division, said: "Although the people on DarkMarket are criminals, their reputation for being honest criminals is vital.

"Because once they lose their reputation in the criminal fraternity, they can't make money. It's as simple as that."

He added: "The reality is, for its members there was a real kudos to being a member of DarkMarket."

To be accepted to join DarkMarket, criminals had to provide details of 100 compromised credit cards to a so-called reviewer, who would check them and write a report.

The prospective member could be allowed to join, rejected or given a trial period.

Intelligence gathered by Soca, the FBI and the US Secret Service showed Subramaniam used the Java Bean internet cafe in Wembley as the base for his criminal activities, regularly staying there for hours at a time.

Soca said he carried the stolen personal information around on memory sticks and the loss of a single one is understood to have cost him £100,000.

Soca deputy director Sharon Lemon said: "Subramaniam was a loner with a modest lifestyle.

"He owned three houses but was largely itinerant, moving around between the homes of friends and family members and never staying in one place for long.

"The key to investigations of this sort is finding the evidence to connect the online persona with a living, breathing person.

"Subramaniam went to great trouble to hide his activity. He seems to have thought that carrying data around on memory sticks and using internet cafes would somehow protect him from scrutiny. He was wrong.

"A financial investigation is under way into the money these men made from their crimes.

"It's hard to put a figure on the sums involved now, but we believe that Subramaniam suffered a personal loss of £100,000 in one go linked to deals on a single lost memory stick.

"Soca is determined to recover what it can from them. Things don't end with a conviction."

Subramaniam, who was born in Colombo, Sri Lanka, and given UK naturalisation in September 2002, was also filmed on surveillance footage exchanging credit card lists for cash at the cafe.

He continued to act as an administrator on the site until October 2006 when he was forcibly demoted by other administrators over allegations of poor security practice.

He went on to act as a reviewer until June 2007 and was arrested the following month when he handed himself in at Wembley police station.

Today, Soca investigators told the court JiLsi, who used an avatar of a pirate with an eye patch on the site, was the "principal offender involved".

He made three to four posts a day on the site while he was active.

As administrator, JiLsi also edited the rules of the site, which included a ban on swearing, and there were never more than four administrators at any time, the court heard.

Investigators said a list of 10 so-called dumps - stolen credit card numbers along with other personal information - would typically sell for 50 US dollars (£30).

Harendra de Silva QC, defending Subramaniam, said the "evidence was unchallenged" but added that the "question of interpretation does arise in certain areas".

Judge John Hillen described the payment system used by criminals on the site to improve its reputation - in which a third party would help with the exchange of stolen information for money between the vendor and buyer - as a "PayPal for criminals".

Retired John McHugh, another reviewer on the site, also pleaded guilty to conspiracy to defraud earlier this week.

The 69-year-old, of Doncaster, South Yorkshire, was an experienced credit card fraudster who went by the online name of Devilman.

A search of his house uncovered a counterfeit credit card factory with details of 2,000 cards along with a range of images and logos, Soca said.

It is understood the first time the two defendants met face-to-face was in the dock of the court last summer.

They will both be sentenced at a later date. The maximum sentence for conspiracy to defraud is 10 years in prison.

Worldwide, more than 60 arrests have been made in relation to the DarkMarket site, which also taught members how to take over online banking accounts, commit credit card fraud, launder money and commit fraud against businesses including the retail industry and the gaming industry.

Further prosecutions are expected in the UK into next year.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in