Friday, November 1, 2024
The Largest Online Marketplace of Stolen Login Credentials Seized by Law Enforcement

On March 16, 2022, a federal grand jury charged Igor Dekhtyarchuk, a citizen of the Russian Federation (Russia), with running a cyber-criminal marketplace that sold thousands of stolen login credentials, Personally Identifiable Information, and authentication tools.

Dekhtyarchuk ran Marketplace A, which allegedly sold credentials for over 48,000 hacked email accounts and 39,000 internet accounts, and had an average of 5,000 visitors every day.

Marketplace A specializes in selling illegally obtained access devices for compromised online payment platforms, retailers, and credit cards, and also provides data associated with such accounts, such as users’ names and addresses, account credentials, and credit card data. This kind of operation is known as a “carding shop.”

Dekhtyarchuk first appeared on hacker forums in November 2013 under the alias “floraby”. In April 2018, he started to advertise the sale of account data on Russian hacker forums. Within two months, he opened Marketplace A and soon started to advertise it.

However, Marketplace A took a completely different approach for its buyers. The website works just as a legitimate store would.

A person visiting the website to buy credentials can also buy that victim's credit card accounts. Sometimes, customers can also buy information relating to the victim’s retail accounts and other financial data.

Another notable feature was the plan Dekhtyarchuk offered his customers for renting access in seven-day increments.

He provided downloadable software into which customers could enter the purchased credentials along with the cookie supplied with the purchase. This lets the customers access a company’s account easily.

Between March 2021 and July 2021, the FBI conducted a covert operation to track down the cybercriminals. The FBI worked with an Online Covert Employee (OCE) to track their location.

During this covert operation, they purchased nearly 131 accounts from the marketplace. After every purchase, access was provided via a link or Telegram channels.

Finally, the hackers were brought to justice.

“This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts,” said U.S. Attorney Brit Featherston. “Cyber-criminals are lurking behind the glow of computer screens and are harming Americans. These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people. To those who dedicate their lives to stopping cyber-criminals, we thank you.”

Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.