A Cybercrime Ring Responsible For Hijacking Over 100M Email, Instagram Accounts Dismantled
Read also: E-Root Marketplace admin sentenced, an IT-contractor jailed for cyber fraud, and more.
Thursday, March 21, 2024
Ukraine arrests hackers who stole over 100 million email, Instagram accounts
Three alleged cybercriminals aged between 20 and 40 have been apprehended by Ukrainian law enforcement for orchestrating a scheme to pilfer over 100 million email and Instagram accounts from internet users worldwide. The suspects used the brute force technique to test a vast array of password combinations and commandeer victim accounts.
Over the span of a year-long spree, the group managed to compile databases containing stolen accounts from more than 100 million individuals worldwide. The suspects sold the compromised accounts on underground markets. Their clientele mainly comprised other cybercriminals who used the hacked accounts for various illicit activities.
During the searches at the residences and registered addresses associated with the suspects, the police officers confiscated computer hardware, mobile devices, bank cards, and cash.
The suspects were charged with unauthorized interference in the operation of automated information systems, electronic communication, information and communication systems, and electronic communication networks. They could potentially face up to 15 years in prison.
Request your free demo now and talk to our experts.
E-Root admin sentenced for operating a global compromised credentials marketplace
Sandu Boris Diaconu, a Moldovan national, has been handed 42 months’ imprisonment for his role in operating the notorious E-Root Marketplace, an underground network of websites that sold compromised computer credentials on a global scale.
E-Root Marketplace used sophisticated techniques to hide the identities of administrators, buyers, and sellers. The platform allowed buyers to search for compromised login credentials, offering remote access to victim computers. Buyers could specify criteria such as price, geographic location, internet service provider, and operating system.
The platform utilized an online payment system called ‘Perfect Money’ and provided an illicit cryptocurrency exchange service, facilitating the conversion of Bitcoin to Perfect Money and vice versa. This exchange service has also been seized by authorities. It is estimated that over 350,000 compromised credentials were listed for sale on the E-Root Marketplace.
Diaconu was apprehended in May 2021 when he attempted to flee the United Kingdom. Following extradition to the US in October 2023, Diaconu pleaded guilty on December 1, 2023.
‘Lifelock’ hacker pleads guilty to stealing data from the police department, medical clinic
Robert Purbeck, aka “Lifelock” and “Studmaster,” has pleaded guilty to orchestrating a series of sophisticated cyberattacks that compromised the personal information of more than 132,000 individuals across the United States.
According to court documents, Purbeck bought access on a Dark Web market to the computer servers of a number of entities, including the City of Newnan and its police department, and a medical clinic in Griffin, Georgia.
Using compromised credentials, the perpetrator stole personal data from victims. In the case of the medical clinic, he pilfered sensitive medical records and personal information belonging to over 43,000 individuals, including names, addresses, birthdates, and social security numbers.
Lifelock was arrested in August 2019, with the police seizing numerous computers and devices containing the personal data obtained via his cyber intrusions. As part of his plea agreement, Purbeck agreed to pay over $1 million in restitution to the affected victims. He is scheduled to be sentenced on June 18, 2024.
A fraudster pleads guilty to exploiting the elderly in a tech support scam
Vinoth Ponmaran, a 35-year-old Indian citizen, admitted his role in a tech support fraud scheme targeting thousands of elderly victims across the US and Canada.
Ponmaran was a member of a gang based in the US and India that duped more than 6,500 victims, predominantly elderly individuals, into paying for unnecessary computer repair services, totaling over $6 million in criminal proceeds.
The fraudsters tricked victims into believing that their computers were infected with malware using pop-up Windows alerts and urged victims to call a provided number for technical support. Upon contacting the fraudulent support number, victims were coerced into paying exorbitant fees for services that were never rendered.
Ponmaran managed a call center in India involved in this tech support scam. He also operated fraudulent corporate entities and bank accounts in the US through which illicit gains were laundered. Ponmaran pleaded guilty to conspiracy to commit wire fraud and conspiracy to intentionally damage a protected computer. He faces up to five years in prison for each charge, if convicted. Additionally, he has agreed to forfeit over $6 million and pay restitution of about $2 million.
An Australian IT-contractor jailed for cyber fraud
A 25-year-old man from Macquarie Park in Sydney, Australia, has been handed a two-year and six-month prison sentence for defrauding over $66,000 from a dozen victims by abusing his position as an IT contractor with a third-party provider to the Australian National Maritime Museum (ANMM).
Using his position, the fraudster illegally accessed the ANMM's accounts payable system and modified bank account information to his own benefit. He then obtained the financial data of multiple individuals and businesses stored within the ANMM's systems and used it to buy what the Australian Federal Police (AFP) described as “high-end IT gear” and “4WD upgrades and mechanical work.”
The scheme was discovered in November 2022, when suspicious irregularities in the ANMM's financial records came to light. Following a subsequent investigation, the culprit was identified and arrested in March 2023.
The man was convicted of unauthorized access and modification with intent to commit a serious computer offense, dishonestly obtaining or dealing in personal financial information, and dishonestly obtaining property by deception.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
