TYLER, Texas – A 23-year-old Russian man has been indicted in the Eastern District of Texas for operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personal identifiable information and authentication tools, Eastern District of Texas U.S. Attorney Brit Featherston announced on Tuesday.
Igor Dekhtyarchuk, a resident and national of Russia, was named in an indictment returned by a federal grand jury on March 16, charging him with offenses related to operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personal identifiable information, and authentication tools, according to a release.
According to the indictment, Dekhtyarchuk operated Marketplace A, which claimed to have sold access to more than 48,000 compromised email accounts, more than 39,000 compromised online accounts, and averaged approximately 5,000 daily visitors. Marketplace A specialized in the sale of unlawfully obtained access devices for compromised online payment platforms, retailers, and credit card accounts, including providing the data associated with those accounts such as names, home addresses, login credentials, and payment card data for the victims, who are the actual owners of those accounts. Marketplace A’s business is known as a “carding shop” in the cyber-criminal world.
Dekhtyarchuk was the administrator of Marketplace A and was a Russian hacker who first appeared in hacker forums in November 2013 under the alias “floraby.” Dekhtyarchuk began advertising the sale of compromised account data in Russian-language hacker forums in April 2018 and opened Marketplace A in May 2018. Dekhtyarchuk immediately began advertising Marketplace A and the products it sold in May 2018.
A potential customer who visited Marketplace A to purchase access devices for compromised accounts could select different products just as in a legitimate web store. The options included various combinations of online and credit card accounts for the same victim. For example, one option allowed Dekhtyarchuk’s customers to purchase the information to unlawfully access two online retail accounts plus receive credit card information for the same victim. Some options were broken down by known account balances, which were sold at different price points.
Dekhtyarchuk also sold the usage, in seven-day rental increments, of a program called “[Company A] Auth 1.0,” which was a downloadable software program that the customer could use to input the stolen access devices, and using the provided cookie, to access the compromised Company A accounts.
Beginning in March 2021 and ending in July 2021, the FBI through an online covert employee (OCE) made thirteen purchases of access devices from Dekhtyarchuk while accessing Marketplace A from the Eastern District of Texas. Each purchase varied in number of accounts, ranging from three to twenty accounts, resulting in access devices purchased for a total of 131 accounts. The OCE received the purchased access devices via link or Telegram messenger service shortly after completing each purchase.
Dekhtyarchuk has been placed on the FBI’s Cyber Most Wanted List.
“This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts,” said U.S. Attorney Brit Featherston for the Eastern District of Texas. “Cyber-criminals are lurking behind the glow of computer screens and are harming Americans. These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people. To those who dedicate their lives to stopping cyber-criminals, we thank you.”
“The cyber-criminal marketplace operated by Dekhtyarchuk promoted and facilitated the sale of compromised credentials, personally identifiable information (PII), and other sensitive financial information,” said Special Agent in Charge Jim Smith of the FBI’S Houston Field Office. “Cyber-criminal actors behind these marketplaces go to great length to obfuscate their true identities and often utilize other sophisticated methods to further anonymize their activities. Success in these complex investigations is dependent on teamwork and collaboration between the FBI, our international partners, and our private sector partners. It is only through our commitment, coordinated efforts and strategic partnerships that we will be able to defeat the cyber threat.”
If convicted, Dekhtyarckuk faces up to 20 years in federal prison. A grand jury indictment is not evidence of guilt. A defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
Copyright 2022 by KPRC Click2Houston – All rights reserved.