U.S. Attorneys Office Eastern District of New York, May 3, 2023
A four-count indictment was unsealed today in the United States District Court for the Eastern District of New York charging Denis Gennadievich Kulkov with access device fraud, computer intrusion and money laundering in connection with his operation of Try2Check, the primary service offering “card-checking” to cybercriminals in the stolen credit card trade. The Try2Check platform catered to cybercriminals who purchased and sold stolen credit card numbers in bulk on the internet, offering criminals the ability to quickly determine what percentage of the cards were valid and active. As such, Try2Check was a primary enabler of the trade in stolen credit card information, processing at minimum tens of millions of card numbers every year. Today, the U.S. government worked with partners in Germany and Austria to take offline Try2Check’s websites, thus dismantling the defendant’s criminal network. Along with the indictment and global website domain takedown, the State Department has announced a $10 million reward for information leading to the capture of Kulkov, who resides in Russia. Try2Check ran tens of millions of credit card checks per year and supported the operations of major card shops that made hundreds of millions in bitcoin in profits. Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks. Through the illegal operation of his websites, the defendant made at least $18 million in bitcoin (as well as an unknown amount through other payment systems), which he used to purchase a Ferrari, among other luxury items. In coordination with the unsealing of the charging documents in this case, Try2Check’s websites were taken offline and the State Department issued a $10 million reward for information leading to the defendant’s capture. If convicted, Kulkov faces 20 years’ imprisonment. The charges in the indictment are allegations, and the defendant is presumed innocent unless and until proven guilty. The Office extends its appreciation to the German Federal Criminal Police Office (BKA), the German Federal Office for Information Security (BSI), the Austrian Criminal Intelligence Service – Cybercrime Competence Center (C4), and the French Central Directorate of the Judicial Police (DCPJ) and the governments of Austria, Germany and France for their assistance on this case, as well as to the Shadowserver Foundation for crucial technical assistance in addressing