Russian Court Sentences Flint and 25 Associates Over Flint24 Carding Operation
A Russian military court has sentenced 26 members of the cybercrime group Flint24, including alleged ringleader Alexei Stroganov, better known as “Flint”, in a major card fraud case tied to the trafficking of stolen payment card data. According to reporting from The Record, the defendants received prison terms of up to 15 years, and the court also imposed fines of up to about $57,000.
The case is significant not just because of the number of people convicted, but because it closes a long-running chapter in one of Russia’s more notorious carding investigations. Stroganov has long been associated with large-scale payment card fraud and is also wanted by U.S. authorities on separate charges related to wire fraud, bank fraud, and aggravated identity theft.
Investigators said the group operated from 2014 to March 2020, running a sophisticated criminal enterprise that acquired and sold stolen payment card data for use in fraudulent cash withdrawals and online purchases. Authorities said the network distributed the stolen information through roughly 90 online stores set up by members of the group.
At the center of the scheme were so-called “dumps”, or stolen payment card records that can be encoded onto the magnetic stripe of physical cards and then used for fraud. The Record reported that during an undercover purchase, Russia’s Federal Security Service obtained stolen card data along with CVV and CVC codes, showing that the marketplace supported both in-person fraud and online payment abuse.
Russian authorities said the victims were not limited to one country. The stolen card data reportedly belonged to people and entities in Russia, other post-Soviet states, the European Union, and the United States, underscoring the transnational nature of the operation.
Most of the suspects were arrested during coordinated raids in March 2020 across 60 locations in 11 Russian regions. During the searches, investigators seized roughly $432,000 in cash. The case was later heard by a military court because one of the defendants was serving in the armed forces when the investigation began.
Stroganov himself received one of the longest prison terms. Another convicted defendant, identified by The Record as reserve warrant officer I. N. Voroshilov, was also handed a prison sentence. The court convicted the group of forming an organized criminal enterprise and illegally trafficking payment card data.
The ruling also revives attention on Stroganov’s long cybercrime history. The Record noted that he was previously convicted in 2006 and sentenced to six years in prison for participating in another carding operation that produced counterfeit payment cards used in the U.S. and Europe. After serving that term, he reportedly worked as a cybersecurity consultant helping banks and payment systems defend against attacks, before once again becoming linked to major fraud allegations.
Separately, U.S. prosecutors placed Stroganov on a wanted list in early 2024, alleging he participated in a conspiracy that, from at least 2007 to 2017, stole sensitive financial data tied to hundreds of millions of payment cards and bank accounts. According to the U.S. case described by The Record, the broader operation allegedly caused losses exceeding $35 million to financial institutions.
The sentencing comes as Russian authorities also appear to be increasing pressure on parts of the cybercrime ecosystem at home. In a separate case highlighted by The Record, a suspected administrator of LeakBase, an online marketplace for stolen data, was detained after an international operation targeting that platform’s infrastructure.
For defenders, the Flint24 case is a reminder that carding groups are not loose clusters of forum users but highly organized criminal businesses. They build marketplaces, manage supply chains for stolen data, test payment records, and maintain reseller networks that can survive for years before coordinated law enforcement action finally disrupts them. The longer such groups operate, the more global and financially damaging their fraud ecosystem becomes. This concluding assessment is an inference based on the case details reported by The Record.
Reference Links and Sources
