Skip to main content

Secret Service paid hacker $75k a year, friend says

By Kim Zetter
Albert Gonzalez is expected to be sentenced on three credit-card theft counts.
Albert Gonzalez is expected to be sentenced on three credit-card theft counts.
STORY HIGHLIGHTS
  • Friend: Secret Service was paying hacker $75k a year as informant
  • Albert Gonzalez will be sentenced on three counts of credit-card theft
  • Expert says informants make much more -- sometimes millions -- in federal cases
  • Office Max, Dave & Busters, 7-11 among Gonzalez's targets
RELATED TOPICS

(Wired) -- Convicted TJX hacker Albert Gonzalez earned $75,000 a year working undercover for the U.S. Secret Service, informing on bank card thieves before he was arrested in 2008 for running his own multimillion-dollar card-hacking operation.

That information is according to one of Gonzalez's best friends and convicted accomplices, Stephen Watt.

Watt pleaded guilty last year to creating a sniffer program that Gonzalez used to siphon millions of credit and debit card numbers from the TJX corporate network while he was working undercover for the government.

Watt told Threat Level that Gonzalez was paid in cash, which is generally done to protect someone's status as a confidential informant.

The Secret Service said it would not comment on payments made to informants. Gonzalez's attorney did not respond to a call for comment.

"It's a significant amount of money to pay an informant but it's not an outrageous amount to pay if the guy was working full time and delivering good results," says former federal prosecutor Mark Rasch. "It's probably the only thing he was doing -- other than hacking into TJX and making millions of dollars."

Gonzalez's reported salary highlights how entwined he was with the government at the time he participated in the largest identity theft crimes in U.S. history.

Gonzalez, 28, is set for sentencing this week on three indictments covering nearly every headline-making bank-card theft in recent years, including intrusions at TJX, Office Max, Hannaford Brothers, 7-Eleven and Heartland Payment Systems (which alone exposed magstripe data on 130 million credit and debit cards).

Thehacker's plea agreements contemplate a total prison term of between 17 and 25 years.

Rasch says Gonzalez's $75,000 is nothing compared to the million-dollar payouts some undercover informants get for high-risk, high-value cases such as Mafia investigations. But Gonzalez's payments dwarf the meager handouts given previous computer crime informants.

Identity thief Brett Johnson, aka Gollumfun, said he earned $350 a week -- the equivalent of about $18,000 a year -- while working undercover in the Secret Service's Columbia, South Carolina, field office helping catch card thieves.

Johnson was recruited by the agency in 2005 after he was arrested buying merchandise with counterfeit cashier's checks; his public service ended 10 months later when agents discovered that, like Gonzalez, Johnson was two-timing them, running a fraudulent tax-return scheme during his off hours that was bringing him an extra $5,000 to $6,000 each week.

Another carder, David "El Mariachi" Thomas, worked undercover for 18 months for the FBI in 2003 and 2004 running a carding site called The Grifters out of a Seattle apartment. The bureau paid rent and expenses for him and his live-in girlfriend, and bought the computers he used to run the undercover operation, but didn't pay him a salary.

In the 1990s, informant Justin "Agent Steal" Petersen was reportedly paid $200 a week while helping the FBI build a case against Kevin Mitnick, then the number one hacker target on the government's radar.

For his part, Gonzalez began working for theSecret Service when he was arrested making fraudulent ATM withdrawals in New York.

Under the nickname "Cumbajohnny," he was a top administrator on a carding site called Shadowcrew. The agency cut him loose and put him to work undercover on the site, where he set up a VPN the carders could use to communicate -- a supposedly secure communications channel that was actually wiretapped by the Secret Service's New Jersey office.

That undercover operation, known as "Operation Firewall," led to the arrest of 28 members of the site in October 2004. After the site went down, Gonzalez changed his nickname to "Segvec" and moved to Miami where he resumed his life of crime under the noses of the agents who were paying him.

Authorities finally arrested him in May 2008. After many months, he directed them to a stash of more than $1 million in cash buried in a barrel in the backyard of his parents' home.

Rasch says a number of factors determine what an informant is paid, such as whether they have specialized technical skills or have infiltrated an underground organization; whether they're putting themselves or family members at risk; and whether the investigations they work involve stolen funds that the government has a good chance of recovering.

"If I'm working on a case involving $20 million in fraud and the government is likely to get some of that money back, $75,000 is chump change," Rasch says. "They don't use paid informants that often.... Criminals will ordinarily cooperate [without payment] in return for a non-prosecution" or sentence reduction.

The Department of Justice publishes nonbinding guidelines that discuss the necessity of monitoring informants and assessing a criminal's suitability to be one, but they don't provide standards for doing so.

Per the attorney general's guidelines, two law enforcement representatives are required to witness any payment made to a confidential informant and document the payment in the case files, indicating if it's for information, services or expenses. The informant must also sign or initial a written receipt.

At the time of the payment, the law enforcement agents are required to advise the confidential informant that the payment may be taxable income that must be reported to the IRS and state agencies.

The Secret Service's embrace of Gonzalez as a professional informant may have reinforced his criminal behavior. Gonzalez felt he'd been rewarded for his preoccupation with computers, according to a letter written by his sister to one of his sentencing judges.

"All this seemed okay at the time, but psychologically it was feeding an obsession that in the end would become my brother's downfall," Frances Gonzalez Lago told the court in December.

Gonzalez is set for sentencing Thursday in U.S. District Court in Boston for the TJX, Office Max, and Dave & Buster's breaches. He appears in front of a different judge the next day for sentencing on the Heartland, Hannaford and 7-Eleven thefts. The government is seeking a sentence of 25 years in prison.

Subscribe to WIRED magazine for less than $1 an issue and get a FREE GIFT! Click here!

Copyright 2011 Wired.com.