The US Department of Justice made an announcement on November 18th that gives only a shadow of the story of Lin Mun Poo. It says he is a Malaysian citizen who made a stop in New York on his way home from Europe. He was detained by the Secret Service not long after arrival.
A more complete version of events and allegations is found in his detention letter.
…the defendant appears to have traveled to the United States for the sole purpose of engaging in criminal activity; within hours of his arrival at JFK on October 21, 2010, United States Secret Service agents observed the defendant selling stolen credit card numbers for $1,000 at a diner in Brooklyn and arrested him shortly thereafter. In his post-arrest statement, the defendant admitted that the primary purpose of his journey to the United States was to meet with an individual who the defendant believed was capable of regularly providing the defendant with a large volume of stolen card numbers and personal identification numbers, which the defendant said he planned to use to withdraw cash from automated teller machines.
I see a problem in this story: Poo is made out in most reports to be a “career” criminal hacker. He is alleged to be very proficient stealing card numbers and identification from financial institutions. Why was he in a New York diner trying to find someone to give him stolen card numbers if he already had a way to get them remotely?
It seems foolishly risky for him to fly into the US. It would make some sense, in terms of risk, if he had to meet a buyer. That is how the allegation starts out — he has 400,000 card numbers and someone (the Secret Service must have set him up in a sting operation) offered him $1,000 for some amount of them.
Why would someone like Poo fail to use a mule for this operation on American soil? It is obviously high-risk — career-ending for a criminal. Why would he also fail to use a mule to make ATM withdrawals?
Maybe he could not figure out a mule system? That seems unlikely, given that he was said to have hacked into a bank anonymously. Even if I assume he could not figure out mule systems to sell his bounty of stolen card numbers, I have no good explanation for why he would need to arrive in the US to acquire more stolen card numbers.
The full story thus sounds like one of three things: a mule was arrested and has been made out to be a mastermind to block his escape, this criminal mastermind is actually not much brighter than a mule, or the Secret Service has been doing some top-notch social engineering to get a criminal mastermind to walk straight into their arms.
One thought on “Secret Service Nabs Hacker Poo”