Security News > 2022 > May > Ukrainian Hacker Jailed for 4-Years in U.S. for Selling Access to Hacked Servers

A 28-year-old Ukrainian national has been sentenced to four years in prison for siphoning thousands of server login credentials and selling them on the dark web for monetary gain as part of a credential theft scheme.

The illegal sale involved the trafficking of login credentials to servers located across the world and personally identifiable information such as dates of birth and Social Security numbers belonging to U.S. residents on a darknet marketplace.

The unnamed site purportedly offered over 700,000 compromised servers for sale, including at least 150,000 in the U.S. alone.

"The xDedic Marketplace sold access to compromised computers worldwide as well as personal data," Europol said at the time, adding, "Users of xDedic could search for compromised computer credentials by criteria, such as price, geographic location, and operating system."

"Once purchased, criminals used these servers to facilitate a wide range of illegal activity that included ransomware attacks and tax fraud," the U.S. Justice Department noted in a press statement.

Ivanov-Tolpintsev is said to have obtained the server usernames and passwords by means of a botnet that was used to brute-force and password spraying attacks, listing on sale these hacked credentials on the marketplace from 2017 through 2019 and netting $82,648 in return.

News URL

https://thehackernews.com/2022/05/ukrainian-hacker-jailed-for-4-years-in.html