FBI Seizes Rydox Marketplace, Arrests Key Administrators

The Federal Bureau of Investigation (FBI) announced the seizure of Rydox, an illicit online marketplace that facilitated the buying and selling of stolen personal information and cybercrime tools.

Alongside the crackdown, law enforcement arrested three key administrators linked to the platform, marking a significant victory in the fight against organized cybercrime.

The U.S. Department of Justice revealed that Kosovo nationals Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, were apprehended in Kosovo by local law enforcement at the request of the United States.

A third individual, Shpend Sokoli, was arrested in Albania by the Special Anti-Corruption Body (SPAK). The Kutleshi brothers await extradition to the U.S. to face charges in the Western District of Pennsylvania, while Sokoli is expected to face prosecution in Albania.

2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide

Rydox Cybercrime Marketplace

The Rydox marketplace, operational since February 2016, is accused of conducting over 7,600 sales of personally identifiable information (PII), stolen access devices, and hacking tools, generating approximately $230,000 in illegal proceeds.

Authorities allege that Rydox catered to more than 18,000 users globally, offering over 321,000 illegal cybercrime products, including stolen names, addresses, Social Security numbers, credit card information, and hacking tutorials.

Principal Deputy Assistant Attorney General Nicole M. Argentieri praised the operation, stating: “For more than eight years, the defendants ran an illicit marketplace that sold sensitive data stolen from thousands of U.S. victims. With the help of both domestic and international law enforcement partners, we dismantled the Rydox platform, arrested its administrators, and seized their illicit earnings.”

The FBI, in collaboration with the Royal Malaysian Police, also seized servers in Kuala Lumpur that hosted the Rydox marketplace, effectively shutting down its operations.

Additionally, U.S. authorities seized the domain name Rydox.cc, which now displays a seizure notice, preventing any further use of the platform. Approximately $225,000 worth of cryptocurrency linked to the defendants was also confiscated.

The defendants face multiple charges, including identity theft, aggravated identity theft, access device fraud, and money laundering, with potential sentences of up to 20 years for the most severe offenses.

Special Agent in Charge Kevin Rojek of the FBI Pittsburgh Field Office emphasized the operation’s importance: “This case demonstrates the strength of international cooperation in combating cybercrime. We will pursue criminals no matter where they operate.”

This takedown reaffirms law enforcement’s commitment to addressing the devastating impacts of cybercrime on individuals and communities, delivering a stern warning to cybercriminals worldwide.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free