A 28-year-old Ukrainian national has been sentenced to four
years in prison for siphoning thousands of server login credentials
and selling them on the dark web for monetary gain as part of a
credential theft scheme.
Glib Oleksandr Ivanov-Tolpintsev, who pleaded guilty to
his offenses earlier this February, was arrested in Poland in
October 2020, before being extradited to the U.S.[1]
in September 2021.
The illegal sale involved the trafficking of login credentials
to servers located across the world and personally identifiable
information such as dates of birth and Social Security numbers
belonging to U.S. residents on a darknet marketplace.
The unnamed site purportedly offered over 700,000 compromised
servers for sale, including at least 150,000 in the U.S. alone.
Believed to have been operational from around October 2014, the
underground marketplace was seized by law enforcement authorities
on January 24, 2019, according to court documents.
This coincides exactly with the dismantling of the xDedic
Marketplace on the same date, following a year-long investigation by
agencies from the U.S., Belgium, Ukraine, and Germany.
“The xDedic Marketplace sold access to compromised computers
worldwide as well as personal data,” Europol said[2]
at the time, adding, “users of xDedic could search for compromised
computer credentials by criteria, such as price, geographic
location, and operating system.”
Victims spanned a wide gamut of sectors like governments,
hospitals, emergency services, call centers, metropolitan transit
authorities, law firms, pension funds, and universities.
“Once purchased, criminals used these servers to facilitate a
wide range of illegal activity that included ransomware attacks and
tax fraud,” the U.S. Justice Department (DoJ) noted[3]
in a press statement.
Ivanov-Tolpintsev is said to have obtained the server usernames
and passwords by means of a botnet that was used to carry out
brute-force and password spraying attacks, listing these hacked
credentials for sale on the marketplace from 2017 through 2019 and
netting $82,648 in return.
The sentencing comes as the DoJ awarded a jail term of at least
five years to a trio of cybercriminals for conspiracy to commit
fraud and aggravated identity theft.
“From at least 2015 through 2020, [Jean Elie Doreus] Jovin,
Alessandro Doreus, and Djouman Doreus conspired to knowingly, and
with intent to defraud, possess tens of thousands of counterfeit
and unauthorized access devices—including the names, Social
Security numbers, account numbers, usernames, and passwords of
identity theft victims,” the department said[4].
References
Read more https://thehackernews.com/2022/05/ukrainian-hacker-jailed-for-4-years-in.html