TYLER, Texas – A 23-year-old Russian has been indicted in the Eastern District of Texas for offenses related to operating a cybercriminal marketplace that sold thousands of stolen login credentials, personally identifiable information and personal data. authentication tools, announced Eastern District of Texas U.S. Attorney Brit Featherston.
Igor Dekhtyarchuk, a resident and national of the Russian Federation (Russia), was named in an indictment issued by a federal grand jury on March 16, 2022, charging him with offenses related to operating a market cybercriminal who sold thousands of stolen credentials, personal identifiable information and authentication tools.
According to the indictment, Dekhtyarchuk operated Marketplace A, which claimed to have sold access to over 48,000 compromised email accounts, over 39,000 compromised online accounts and had an average of around 5,000 daily visitors. Marketplace A specializes in the sale of illegally obtained access devices for online payment platforms, retailers and compromised credit card accounts, including the provision of data associated with these accounts such as names, home addresses , login credentials and payment card data for the victims, who are the real owners of such accounts. Marketplace A’s business is known as the “card store” in the cybercriminal world.
Dekhtyarchuk was the administrator of Marketplace A and was a Russian hacker who first appeared in hacker forums in November 2013 under the pseudonym “floraby”. Dekhtyarchuk began advertising the sale of compromised account data on Russian-language hacker forums in April 2018 and opened Marketplace A in May 2018. Dekhtyarchuk immediately began advertising Marketplace A and the products he sold in May 2018.
A potential customer visiting Marketplace A to purchase access devices for compromised accounts could select different products, just like in a legitimate online store. Options included various combinations of online accounts and credit cards for the same victim. For example, one option allowed Dekhtyarchuk’s customers to purchase the information to illegally access two online retail accounts and receive credit card information for the same victim. Some options were broken down by known account balances, which were sold at different price points.
Dekhtyarchuk also sold the use, in seven-day rental increments, of a program called “[Company A] Auth 1.0,” which was downloadable software that the customer could use to enter stolen access devices and, using the provided cookie, gain access to Company A’s compromised accounts.
Beginning in March 2021 and ending in July 2021, the FBI, through an Online Secret Employee (OCE), made thirteen access device purchases from Dekhtyarchuk while accessing Market A since the Eastern District of Texas. Each purchase varied in number of accounts, ranging from three to twenty accounts, resulting in access devices purchased for a total of 131 accounts. The OCE received the access devices purchased via a Telegram link or messaging service shortly after making each purchase.
Dekhtyarchuk was placed on the FBI’s most wanted list.
“This case illustrates the need for all of us, at this time, to take steps to protect our online identity, personal data and monetary accounts,” said US Attorney Brit Featherston. “Cybercriminals hide behind the glow of computer screens and harm Americans. These investigations require dedicated professionals who work tirelessly to stop thieves who unknowingly steal from innocent people. To those who dedicate their lives to stopping cybercriminals, we thank you.
“The cybercriminal marketplace operated by Dekhtyarchuk has promoted and facilitated the sale of compromised credentials, personally identifiable information (PII), and other sensitive financial information,” said FBI Houston Special Agent in Charge Jim Smith. “The cybercriminal actors behind these marketplaces work hard to conceal their true identities and often use other sophisticated methods to further anonymize their activities. The success of these complex investigations depends on teamwork and collaboration between the FBI, our international partners and our private sector partners, it is only through our commitment, coordinated efforts and strategic partnerships that we can defeat the cyber threat.
If convicted, Dekhtyarckuk faces up to 20 years in federal prison. A grand jury indictment is not proof of guilt. A defendant is presumed innocent until proven guilty beyond a reasonable doubt by a court.
This case is being investigated by the Federal Bureau of Investigation Houston Cyber Task Force with assistance from the FBI Dallas Field Office, FBI Cyber Division, National Cyber-Forensics & Training Alliance, from the office of the FBI Legal Attaché Riga and the State Police. from Latvia. This case is being prosecuted by Assistant U.S. Attorney D. Ryan Locker.
###
Comments are closed.