Privacy Ninja

New Yorker Imprisoned for Role in Carding Group Behind $568M Damages

New Yorker Imprisoned for Role in Carding Group Behind $568M Damages

John Telusma, a 37-year-old man from New York, was sentenced to four years in prison for selling and using stolen and compromised credit cards on the Infraud carding portal operated by the transnational cybercrime organization with the same name.

Telusma is one of 36 individuals US authorities indicted in February 2018 for alleged roles in the Infraud Organization criminal enterprise.

The roles of each defendant indicted four years ago are explained in detail in this criminal indictment filed on February 7, 2018.

According to court documents, Telusma joined the Infraud Organization in August 2011 and was active for five and a half years.

Also Read: The 7 Fundamental Guide on SOP for Social Media Marketing

He was one of the most prolific and active vendors of Infraud’s carding portal selling “dumps,” as well as providing “drop” and “cashout” services for other members.

Other Infraud members previously sentenced in the US include:

  • Infraud co-founder Sergey Medvedev — sentenced to 10 years in prison (after pleading guilty in June 2020);
  • Malware developer Valerian Chiochiu — sentenced to 10 years in prison;
  • VIP Member Arnaldo Sanchez Torteya — sentenced to eight years in prison;
  • VIP Member Edgar Rojas — sentenced to eight years in prison;
  • ATM skimmer Jose Gamboa — sentenced to eight years in prison; and
  • VIP Member Pius Wilson —  sentenced to seven years in prison.
Infraud Organization hierarchy
Infraud hierarchy (US DOJ)

Underground forum for selling stolen financial info, PII, more

The operation was active between October 2010, when it was founded by Svyatoslav Bondarenko (at infraud[.]cc and infraud[.]ws, later moved to other URLs) until February 2018, when Infraud and its portal were taken down following a joint law enforcement operation.

Also Read: 7 Principles of Personal Data Processing

Out of 10,901 Infraud registered members in March 2017, 13 defendants were apprehended by law enforcement agencies in the United States and six other countries (Australia, the United Kingdom, France, Italy, Kosovo, and Serbia).

They facilitated large-scale acquisition, sale, and distribution of stolen identity information and payment cards, counterfeit documents, personally identifiable data, bank account and credit account information, and computer malware.

Infraud members were responsible for purchasing and selling more than four million stolen credit and debit cards, causing victims actual losses of more than $568 million.

To join Infraud’s online forum, all users needed vetting and approval from one of the Infraud administrators. They faced removal if the “products” they sold were considered subpar by the admins.

The organization’s members were also anonymous to each other “to evade law enforcement and other ‘real-world’ or ‘offline’ consequences for their fraudulent and criminal activities.”



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us