U.S. Department of Justice Charges 19 Global xDedic Darknet Market Scams with $68 Million

ReportJanuary 8, 2024Editorial DepartmentFinancial Fraud/Cybercrime

The US Department of Justice (DoJ) said it had filed charges against 19 individuals around the world in connection with the now-defunct organization. xDedic MarketIt is estimated that this contributed to more than $68 million in fraud.

The cross-border operation was the result of close cooperation with law enforcement agencies in Belgium, Germany, the Netherlands, Ukraine and Europol, the agency said in closing its investigation into the dark web portal.

Among the 19 defendants, 3 were sentenced to 6.5 years in prison, 8 were sentenced to fixed-term imprisonment ranging from 1 to 5 years, and 1 was sentenced to 5 years of probation.

One of them includes Ukrainian citizen Glib Oleksandr Ivanov-Tolpintsev, who was sentenced to four years in prison in May 2022 for selling leaked credentials on xDedic and illegally profiting $82,648.

Dariy Pankov, described by the U.S. Department of Justice as one of the top sellers, provided credentials to no less than 35,000 hacked servers located around the world and obtained more than $350,000 in illegal income.

The servers were penetrated using a custom tool called NLBrute, which is capable of breaking into protected computers by decrypting login credentials.

Also of note is a Nigerian national named Allen Levinson, a “prolific buyer” who was particularly interested in purchasing the rights to a U.S. CPA firm in order to provide U.S. The government files false tax returns.

Five other people have been charged with conspiracy to commit wire fraud and are awaiting sentencing.

In addition to these administrators and sellers, two buyers named Olufemi Odedeyi and Oluwaseyi Shodipe were also charged with conspiracy to commit wire fraud and aggravated identity theft. Shodipe was also charged with making false claims and stealing government funds.

The pair have not yet been extradited from the UK and face up to 20 years in federal prison if convicted.

The marketplace, before shutting down in January 2019, allowed cybercriminals to buy or sell stolen credentials from more than 700,000 hacked computers and servers around the world, as well as personally identifiable information of U.S. residents, such as birth dates and social identities. Security number.

Alexandru Habasescu and Pavlo Kharmanskyi serve as market administrators. Habasescu, who is from Moldova, is the lead developer, while Kharmanskyi, who lives in Ukraine, manages advertising, payments and customer support for buyers.

“Once purchased, criminals use these servers to conduct a range of illegal activities, including tax fraud and ransomware attacks,” the U.S. Department of Justice said.

Targets of these attacks include government infrastructure, hospitals, 911 and emergency services, call centers, major metropolitan transportation authorities, accounting and law firms, pension funds, and universities.