Another guilty plea in $568 million Infraud crime ring

Valerian Chiochiu, a 30-year-old Moldovan, allegedly wrote malware for the group.

A Moldovan man on Friday became the second person in as many months to plead guilty to being part of Infraud, a $568 million cybercriminal enterprise that stole payment cards and personal data from around the world, the U.S. Department of Justice said.

30-year-old Valerian Chiochiu, who allegedly trained Infraud members on writing and deploying malware, appeared before a judge in federal court in Nevada, U.S. officials said. Chiochiu’s guilty plea follows that of Sergey Medvedev, a 33-year-old Russian, who is accused of being the group’s co-founder.

The pleas are part of the ongoing U.S. effort to prosecute Infraud, which Department of Justice officials say victimized people in all 50 states. At its height, Infraud aspired to be the internet’s top spot for “carding,” or buying things with stolen credit card data. It amassed more than 10,000 members, and claimed to only allow vetted vendors of stolen data to advertise on the forum.

But the crime ring was dismantled in 2018 after the U.S. indictment of 36 of the organization’s affiliates and the arrest of 13 of them. Svyatoslav Bondarenko, a Ukrainian accused of being the other co-founder of Infraud, is still at large, according to Department of Justice officials.


Chiochiu joined Infraud in 2012, two years after it was formed, according to the indictment, and allegedly soon began putting his technical skills to use. He would post computer scripts and other code to the Infraud forum that could steal personal and financial data, prosecutors allege.

As part of the guilty plea, Chiochiu admitted to authoring a piece of malware known as FastPOS, U.S. officials said. That tool is “designed to immediately exfiltrate any stolen card data, instead of storing it locally in a file,” according to cybersecurity company Trend Micro.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts