Pizza News

Alleged Russian Hacker to Face His Toughest Foes: Pizzeria Owners

He has a sicle-shaped scar on the side of his head and called himself “Psycho” online. His dad is a member of Russia’s Parliament. His attorney represented notorious serial killer Ted Bundy. And he claims that his arrest by U.S. authorities was essentially kidnapping.

Russian native Roman Seleznev’s wild story has been unfolding for years, but it’s finally being made public in a high-profile trial in Seattle. Prosecutors have identified Seleznev as a master criminal who hacked into American pizzerias’ computer systems, stole credit card data and sold it to buyers who subsequently racked up $170 million in expenses on customers’ compromised accounts.

Prosecutors say Seleznev ran a hacking scheme that ran for six years and targeted mostly pizza restaurants in Washington state. The alleged scheme hit more than 200 businesses, including Red Pepper Pizza in Duvall, Washington. Red Pepper owner Steve Bussing told the Associated Press that he and his wife had to spend about $10,000 to replace their computer system after it was hacked. Bussing will testify against Seleznev, along with owners and managers from Village Pizza in Anacortes; another Red Pepper Pizza in Duluth; Casa Mia in Yelm; and several Mad Pizza and ZPizza franchises around Washington.

At one point, Seleznev—the son of Valery Seleznev, a prominent Russian member of Parliament—hacked under the nickname “nCuX,” which is the transliteration of the Russian word for “psycho,” according to prosecutors. He later went by “Track2” and “2Pac.” He was arrested, with considerable subterfuge, by U.S. Secret Service agents at a Maldives airport in 2014—he was reportedly on his way back to Russia at the time. However, Seleznev’s attorneys claim that his arrest was essentially a “kidnapping” that violated international law. They also assert that prosecutors have failed to adequately connect Seleznev with the hacking crimes.

And then there’s the Bundy connection. Among Seleznev’s current team of attorneys is one John Henry Browne, best known for representing Ted Bundy, one of the most notorious serial killers in history, and U.S. Army Staff Sgt. Robert Bales, convicted of murdering 16 civilians—including nine children—in the Panjwayi district of Afghanistan’s Kandahar province. Browne has recently published a memoir, The Devil’s Defender: My Odyssey Through American Criminal Justice from Ted Bundy to the Kandahar Massacre.

After Seleznev’s arrest, the plot of the story thickened further while he awaited trial in Seattle. In recordings of prison phone calls, Seleznev and his father allegedly discussed organizing a jailbreak with the help of “doctors” and “magicians.” His father has even claimed that the U.S. arrested Seleznev to force a prisoner swap with the Russians for Edward Snowden, who famously leaked classified documents stolen from the National Security Agency in 2013.

So how do hackers steal so much credit card data from pizzerias? By targeting their POS systems, many of which run on old computers with outdated security. Seleznev allegedly hacked into pizzerias’ POS machines and uploaded malware to the restaurants’ house computers; the malware intercepted credit card info and transmitted it to Seleznev every five minutes, according to the federal indictment.

Read an Associated Press article on the case here.