A 28-year-old Ukrainian national has been sentenced to four years in prison for siphoning off thousands of server login credentials and selling them on the dark web for monetary gain in an email theft scheme.
Glib Oleksandr Ivanov-Tolpintsev, who pleaded guilty to his offenses in early February, was arrested in Poland in October 2020, before being extradited to the United States in September 2021.
The illegal sale involved trafficking login credentials to servers around the world and personally identifiable information such as birthdates and social security numbers belonging to US residents on a darknet market.
The unnamed site reportedly offered more than 700,000 compromised servers for sale, including at least 150,000 in the United States alone. Considered operational since around October 2014, the underground market was seized by law enforcement on January 24, 2019, according to court documents.
This coincides exactly with the dismantling of the xDedic market on the same date, following a year-long investigation by agencies from the United States, Belgium, Ukraine and Germany.
“The xDedic Marketplace sold access to compromised computers around the world as well as personal data,” Europol said at the time, adding that “xDedic users could seek credentials from compromised computers based on criteria such as price, geographic location and operating system.”
Victims spanned a wide range of industries such as governments, hospitals, emergency services, call centers, metropolitan transit authorities, law firms, pension funds and universities.
“Once purchased, criminals have used these servers to facilitate a wide range of illegal activities, including ransomware attacks and tax evasion,” the US Department of Justice (DoJ) noted in a press release.
Ivanov-Tolpintsev allegedly obtained server usernames and passwords through a botnet that was used for brute force and password spray attacks, selling these hacked credentials on the market from 2017 to 2019 and bringing in $82,648 in return.
The sentencing comes as the DoJ sentenced a trio of cybercriminals to at least five years in prison for conspiracy to commit fraud and aggravated identity theft.
“From at least 2015 to 2020, [Jean Elie Doreus] Jovin, Alessandro Doreus and Djouman Doreus conspired to knowingly possess and with intent to defraud tens of thousands of counterfeit and unauthorized access devices, including names, social security numbers, account numbers, user and passwords of identity theft victims,” the department said.