A 23-year-old Russian man has been charged by U.S. prosecutors and added to the FBI’s Cyber Most Wanted List for allegedly running Marketplace A, a cybercrime forum where users bought and sold stolen data, including logins for websites and credit card information.
The Department of Justice said Tuesday that Igor Dekhtyarchuk “was the administrator of Marketplace A and was a Russian hacker who first appeared in hacker forums in November 2013 under the alias ‘floraby.’”
A federal grand jury in Tyler, Texas, returned an indictment against Dekhtyarchuk on March 16. Federal agents based in that region made 13 purchases of stolen data from him from March 2021 to July 2021, the DOJ said.
Dekhtyarchuk is charged with wire fraud, access device fraud and aggravated identity theft. If he’s captured and convicted, he could get up to 20 years in prison, the announcement said. He was “previously a student at Ural State University in Yekaterinburg, Russia, and was last known to reside in Kamensk-Uralsky, Sverdlovsk Oblast, Russia,” according to the FBI.
Marketplace A was known as a “carding” shop, where crooks could buy and sell “compromised online payment platforms, retailers, and credit card accounts, including providing the data associated with those accounts such as names, home addresses, login credentials, and payment card data for the victims,” the DOJ said. The site began operating in May 2018, the feds said.
Dekhtyarchuk “claimed to have sold access to more than 48,000 compromised email accounts, more than 39,000 compromised online accounts, and averaged approximately 5,000 daily visitors,” the DOJ said.
The DOJ said a customer who visited Marketplace A “could select different products just as in a legitimate web store.” In some cases, they could “purchase the information to unlawfully access two online retail accounts plus receive credit card information for the same victim.”
Other options “were broken down by known account balances, which were sold at different price points,” the announcement said.
“Dekhtyarchuk also sold the usage, in seven-day rental increments, of a program called ‘[Company A] Auth 1.0,’” downloadable software that allowed buyers to input illegally obtained credentials and use a provided cookie file to access accounts.
International law enforcement has cracked down on carding markets in recent years — including the infamous Joker’s Stash site — but security researchers say that cybercriminals continue to devise new ways to steal credit card information and sell it. The DOJ said the State Police of Latvia assisted in the Marketplace A investigation.
“Cyber-criminal actors behind these marketplaces go to great length to obfuscate their true identities and often utilize other sophisticated methods to further anonymize their activities,” said FBI Houston Special Agent in Charge Jim Smith. “Success in these complex investigations is dependent on teamwork and collaboration between the FBI, our international partners, and our private sector partners.”
Russia itself conducted a series of raids on alleged cybercriminals earlier this year, before it invaded Ukraine.
More than 100 in people and hacking groups are on the Cyber Most Wanted List.