Roman Seleznev
Black hat

Russian computer hacker

Life
1984 – present
Born
1984
Nationality
Russia

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than US$169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, while vacationing in the Maldives, and was sentenced to 27 years in prison for wire fraud, intentional

Early Life

Roman Valerevich Seleznev was born on July 23, 1984, in Russia. He is the son of Valery Seleznev, a member of Russia's State Duma.

Hacking Career

Seleznev began his activities in early 2003 on CarderPlanet, a credit card fraud site, where he provided paid Social Security number and criminal-history research using stolen LexisNexis accurint.com accounts. Around this time, an employee working with him developed a scanner to identify computers with open MSRDP ports (port 3389), which were frequently left unsecured by default. Exploiting these vulnerabilities, Seleznev and a partner accessed numerous remote computers containing financial and credit-card data.

Seeking to expand his capabilities, Seleznev contacted a hacker known as BadB — later identified in 2009 as Vladislav Horohorin — who supplied him with an automated script to locate credit card data within systems and networks. Using this script, Seleznev obtained his first credit-card dumps, which he resold to Horohorin. He subsequently broke from Horohorin and launched his own credit-card-dump operation under the alias nCuX, a handle derived from the Russian word for "psycho."

By 2008, Seleznev had significantly expanded his methods, moving beyond MSRDP scanning to developing sophisticated malware capable of intercepting network traffic and searching network shares. He distributed this malware by injecting malicious code into advertising traffic, exploiting flaws in web browsers, and primarily targeting computers in the United States.

By May 2009, the United States Secret Service (USSS) had gathered sufficient evidence to conclude that nCuX was likely Roman Seleznev. Following a meeting between USSS and Russia's FSB in which this information was shared, the nCuX accounts were abruptly closed in June 2009. USSS suspected the FSB had alerted Seleznev to the investigation.

After abandoning the nCuX identity, Seleznev created two new aliases — Track2 and Bulba — and used them to operate automated stolen-credit-card shops. He purchased advertising space on the illegal carding forum carder.su, which was shut down in a 2012 Department of Homeland Security operation. Horohorin, his former associate, was arrested by USSS in August 2010. Seleznev's activities are estimated to have caused more than $169 million in damages to businesses and financial institutions.

During a vacation in Morocco, Seleznev suffered a severe head injury in the 2011 Marrakesh bombing and was evacuated to Moscow for surgery.

Arrest and Trial

Seleznev was indicted in the United States in 2011. On July 5, 2014, he was arrested while vacationing at the Kanifushi Resort in the Maldives. Because the Maldives has no extradition treaty with the United States, the USSS negotiated directly with the Maldivian government to arrange his expulsion into U.S. custody. He was subsequently transported to Guam to await trial.

Russian officials characterized the arrest as a "kidnapping" and criticized the United States for failing to notify Russian consulates. The Russian Foreign Ministry also condemned the Maldives for not adhering to international legal norms. U.S. prosecutors argued the approach was justified given the FSB's noncooperation in 2009 and the scale of Seleznev's crimes. Later reporting suggested the arrest may have involved cooperation from an officer within the FSB.

Following a one-and-a-half-week trial in the U.S. District Court for the Western District of Washington, a jury found Seleznev guilty on 38 counts in 2016. He was sentenced to 27 years in prison the following year on charges including wire fraud, intentional damage to a protected computer, and identity theft. In May 2017, Seleznev faced additional charges in Atlanta and Nevada; he pleaded guilty in September 2017 to conspiracy to commit bank fraud and received a 14-year sentence in November, to run concurrently with his original sentence.

Seleznev was held at FCI Butner, a medium-security federal prison in North Carolina, after being transferred from USP Atlanta in 2018.

Release

On August 1, 2024, Seleznev was released as part of a 26-person international prisoner exchange that included American Paul Whelan. Upon his return to Moscow, Seleznev was personally met at the airport by Russian President Vladimir Putin. He ultimately served approximately ten years of his 27-year sentence.
