The Largest Online Marketplace of Stolen Login Credentials Seized by Law Enforcement

On March 16, 2022, a federal grand jury put on trial Igor Dekhtyarchuk, a citizen of the Russian Federation (Russia), with charges for running a cyber-criminal marketplace that sold thousands of stolen login credentials, Personally Identifiable Information, and authentication tools.

Dekhtyarchuk ran Marketplace A, which allegedly sold credentials of over 48,000 hacked email accounts, 39,000 internet accounts, and had an average visitor count of 5,000 people every day.

Marketplace A specializes in the selling of illegally obtained access devices for compromised online payment platforms, retailers, and credit cards, and also provides data associated with such accounts, such as users’ names, names and addresses, account credentials, and credit card data. This operation is known as a “carding shop.”

Dekhtyarchuk first made an appearance on the hacker forums in November 2013 with the alias name “floraby”. In April 2018, he started to advertise about the selling of account data in Russian hacker forums. In two months, he opened Marketplace A and started to advertise his marketplace soon.

However, Marketplace A had a completely different approach for its buyers. The website works just as how a legitimate store would work.

A person visiting the website to buy credentials can also buy credit card accounts of that victim. Sometimes, customers can also buy information relating to the victim’s retail accounts and other financial data. 

Another thing to be highlighted was the seven-day rental incremental plan that Dekhtyarchuk provided its customers.

He provided a downloadable software that the customers can use to input the purchased credentials along with the cookie that is provided with purchase. This helps the customers to access a company’s account easily.

During the period of March 2021 and July 2021, the FBI made a covert operation to track down the cybercriminals. The FBI worked with an Online Covert Employee (OCE) to track their location.

At the period of this covert operation, they purchased nearly 131 accounts from the marketplace. After every purchase, access was provided via a link or Telegram channels.

However, Finally, the hackers were brought to justice. 

The FBI stated, “This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts,” said U.S. Attorney Brit Featherston.  “Cyber-criminals are lurking behind the glow of computer screens and are harming Americans.  These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people.  To those who dedicate their lives to stopping cyber-criminals, we thank you.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

2 days ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

2 days ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

2 days ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

2 days ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

2 days ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

2 days ago