US Charge Man with Running Stolen Credentials Marketplace

A man has been extradited from the UK to the US for allegedly operating a website that sold access to compromised computer credentials. Sandu Diaconu, 31, from Moldova, has been charged by the US with conspiracy to commit access device and computer fraud, wire fraud conspiracy, money laundering conspiracy, access device fraud, and computer fraud. If found guilty, he faces a maximum of 20 years in federal prison. The indictment notifies Diaconu that the US is seeking an order of forfeiture relating to the proceeds of and used in the charged criminal conduct. The charges relate to Diaconu's alleged administration of the E-Root marketplace, a website that for years sold access to compromised computer credentials. Based on the investigation led by IRS - CI Cyber Crimes Unit and the FBI - Tampa Division, the authorities believe more than 350,000 credentials were listed for sale on E-Root. The court documents highlighted the steps the E-Root marketplace took to hide the identities of its administrators, buyers and sellers. This includes using the online payment system Perfect Money to help conceal payments, and offering its illicit cryptocurrency exchange service for the purpose of converting Bitcoin to Perfect Money and vice-versa. Buyers could search for compromised computer credentials on E-Root, such as RDP and SSH access, through a range of criteria, including price, geographic location, internet service provider, and operating system. Many of the victims, who spanned the globe and included at least one government agency in Tampa, Florida, were subjected to ransomware attacks. Some of the stolen credentials were linked to stolen identity tax schemes. The E-Root marketplace was taken down at the end of 2020, with seizure orders executed against the domain names of the site. Diaconu was arrested in the UK while trying to leave the country in May 2021, and in September 2023, Westminster Magistrates' Court ordered him to be extradited to the US. Growing Crackdown on Cybercrime Websites. The takedown of the E-Root marketplace is one of a number of law enforcement actions against dark web criminal marketplaces. In April 2022, German police shut down Russian darknet marketplace Hydra, and in May 2023, Europol arrested nearly 300 individuals on suspicion of buying or selling drugs on underground marketplace Monopoly Market. Mike Newman, CEO of My1Login, welcomed the recent indictment against Diaconu, highlighting the enormous damage caused by E-Root. "Because the site focused on credentials, buyers knew that when purchasing one valid set they could test them out on other sites to gain access to more user accounts - this widened the attack surface but also made it likely many more organizations outside of E-Root's database were impacted," he said. He cautioned that many other similar marketplaces still exist on the dark web.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to US Charge Man with Running Stolen Credentials Marketplace

Google Workspace Marketplace: 4 Tips for Choosing the Best Apps - An Independent Security Verification badge is one indication that an app should go to the top of your list when evaluating options in the Google Workspace Marketplace. We may be compensated by vendors who appear on this page through methods such as ...
11 months ago Techrepublic.com
US Charge Man with Running Stolen Credentials Marketplace - A man has been extradited from the UK to the US for allegedly operating a website that sold access to compromised computer credentials. Sandu Diaconu, 31, from Moldova, has been charged by the US with conspiracy to commit access device and computer ...
11 months ago Infosecurity-magazine.com
SSNDOB Marketplace Admin Jailed for Selling Americans Data - In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii Chychasov, a 37-year-old Ukrainian citizen, to an eight-year federal prison term. Chychasov played a pivotal role in orchestrating the notorious ...
11 months ago Cybersecuritynews.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
4 months ago Bleepingcomputer.com
Facebook Marketplace Is Being Ruined by Zelle Scammers - Some scams encourage people to upgrade their Zelle accounts to a business tier to receive money from a buyer, according to the Better Business Bureau, and come from emails mimicking Zelle, but with different domains. That upgrade appears to cost ...
10 months ago Wired.com
Have I Been Pwned adds 71 million emails from Naz.API stolen account list - Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. The Naz.API dataset is a massive collection of 1 billion credentials compiled using ...
10 months ago Bleepingcomputer.com
US charged 19 suspects linked to xDedic cybercrime marketplace - The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. An international operation ...
10 months ago Bleepingcomputer.com
Rise of OLVX: A New Haven for Cybercriminals in the Shadows - OLVX has emerged as a new cybercrime marketplace, quickly gaining a loyal following of customers seeking through the marketplace tools used to conduct online fraud and cyberattacks on other websites. The launch of the OLVX marketplace follows along ...
11 months ago Cysecurity.news
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
10 months ago Bleepingcomputer.com
Expanding the Availability of CIS Hardened Images on Oracle - Some IT and security leaders lack confidence in their ability to secure their workloads in the cloud. That's not necessarily affecting public cloud spending. According to Gartner, global end-user spending on public cloud services will reach $591.8 ...
1 year ago Cisecurity.org
Best of 2023: Combo Lists & the Dark Web: Understanding Leaked Credentials - In today's interconnected, cloud-based world, user credentials are the keys that grant entry to the house that stores an organization's digital treasure. Just as burglars pick the lock on a physical house, cybercriminals use stolen credentials to ...
10 months ago Securityboulevard.com
xDedic Marketplace Admin and Operators Arrested - In a landmark victory for cybersecurity, the xDedic Marketplace, a notorious haven for cybercrime, has been shut down. This international operation, spearheaded by the U.S. Attorney's Office, FBI, IRS-CI, and a consortium of law enforcement agencies ...
10 months ago Gbhackers.com
German Authorities Taken Down Dark Web place Kingdom Market - Kingdom Market, a dark web marketplace that sold drugs, malicious software, criminal services, and counterfeit documents, has been taken down by the German Federal Criminal Police Office with assistance from many foreign law enforcement ...
10 months ago Cybersecuritynews.com
BreachForums administrator detained after violating parole - The administrator behind defunct cybercrime haven BreachForums was arrested after violating his parole, according to court documents filed this week. Conor Brian Fitzpatrick was arrested on January 2 by FBI officers after officials told a judge that ...
10 months ago Therecord.media
CVE-2018-14825 - On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android OS 6.0, CT50 running Android OS 6.0, D75e running ...
5 years ago
GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
1 year ago Nakedsecurity.sophos.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
5 months ago Bleepingcomputer.com
Ukrainian gets 8-year sentence for running marketplace for Americans' data - A Ukrainian citizen was sentenced to eight years in U.S. prison for administering a marketplace that sold the personal information of millions of Americans. Vitalii Chychasov, 37, was arrested in March of last year while attempting to enter Hungary ...
11 months ago Therecord.media
Innovative Legal Move Restores Hospital's Stolen Information - There has been a handover of patient data stolen by the notorious LockBit gang from a cloud computing company to a New York hospital alliance that is partnered with that company. There was a lawsuit filed by the North Star Health Alliance - a group ...
10 months ago Cysecurity.news
Admin of major stolen account marketplace gets 42 months in prison - Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide. According to court documents, after the federal prison ends, Diaconu will ...
8 months ago Bleepingcomputer.com
Blue Shield of California members' Social Security numbers, other data stolen - Sensitive data from Blue Shield of California vision policy holders - including Social Security numbers, birth dates and addresses - may be among confidential patient information accessed by criminal hackers, the Oakland-based health insurance giant ...
11 months ago Siliconvalley.com
Shaping the Future of Finance: The Cisco and AWS Collaboration in EMEA - The collaboration between Cisco and Amazon Web Services in the Europe, Middle East, and Africa region-combining each company's market leading strengths-continues to deliver impressive outcomes for our customers, notably within the Financial Services ...
11 months ago Feedpress.me
International Bank Aims To Crack Down On Facebook Marketplace Scams - Facebook Marketplace scams are always a big problem, but they reach a new level entirely around the holidays. According to international financial institution Banco Santander, its customers have lost over $8.2 million to Facebook Marketplace scams ...
10 months ago Facecrooks.com
Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)