Two Infraud members sentenced for role in $568 million crime gang, US says

A third suspect is still at large.
(Photo by Matt Cardy/Getty Images)

A U.S. federal judge has sentenced two men — one from Russia, the other from North Macedonia — to prison terms of 10 and five years, respectively, for their role in a $568 million cybercriminal ring that stole payment cards and personal data from around the world.

Both Sergey Medvedev of Russia and Marko Leopard of North Macedonia had pleaded guilty last year to a racketeering conspiracy, the U.S. Justice Department said in announcing the sentencing Friday.

The jail time is the latest in a series of moves by U.S. prosecutors against the once-powerful crime ring, known as Infraud, which Medvedev allegedly co-founded. At its height, Infraud had more than 10,000 members and became a go-to place for “carding,” or buying things online with stolen credit card data.

But a U.S. indictment of 36 of the organization’s affiliates in 2018, and subsequent arrest of 13 alleged members, effectively put Infraud out of business. Valerian Chiochiu, a Moldovan man, pleaded guilty in July in connection with training Infraud members on writing and deploying malware.


Medvedev and Leopard also allegedly played key roles in the crime ring, whose slogan was “In Fraud We Trust.” Medvedev served as the enterprise’s administrator for several years,  “meting out discipline to those who violated” rules, according to the Justice Department. Leopard allegedly hosted web infrastructure for those who wanted to sell contraband.

Despite the crackdown on Infraud, Svyatoslav Bondarenko, a Ukrainian accused of being the other co-founder of the organization, is still at large, Justice Department officials have previously said.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts