Dutch Cops Neutralize Major Dark Web Market, Admins Arrested
Read also: a hacker pleads guilty to $37M crypto fraud, two fraudsters charged in a $1M DoorDash wage theft scheme, and more.
An international police op dismantles the Bohemia/Cannabia Dark Web marketplace
The Dutch police have announced the takedown of the world’s largest and longest-running Dark Web marketplace ‘Bohemia’ and its sister site ‘Cannabia’ that sold various illegal goods, such as drugs, counterfeit identification cards, as well as cybercrime services such as exploits, DDoS attacks, and malware.
The authorities said that two alleged administrators of Bohemia/Cannabia were arrested - one in the Netherlands, and the other suspect was apprehended in Ireland.
The Dutch National Investigation and Intervention Unit's High Tech Crime Team has been targeting the Bohemia/Cannabia market since late 2022. The platform was in operation until the end of 2023, when, due to technical difficulties, the administrators performed an ‘exit scam,’ reportedly dividing the market's remaining funds among themselves.
A hacker pleads guilty to $37M cryptocurrency fraud
Evan Frederick Light, a 21-year-old resident of the US, has pleaded guilty to charges of conspiracy to commit wire fraud and conspiracy to launder monetary instruments in connection with a massive cryptocurrency theft. The scheme involved the theft of more than $37.7 million from an American investment holdings company.
Together with his co-conspirators, Light used a stolen identity to gain access to the company’s servers. Posing as a legitimate client, the perpetrators exploited vulnerabilities within the company's network, using the breach to infiltrate deeper and steal the personal information of hundreds of clients.
Light confessed to leveraging the stolen information to siphon off cryptocurrency from 571 victims, a total valued at more than $37.7 million. To hide the origins of the stolen funds and make it more difficult to track the money, Light utilized coin-mixing services and online gambling platforms.
He now faces up to 20 years in prison per count, in addition to three years of supervised release.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
A Ukrainian man pleads guilty to charges related to Raccoon Infostealer MaaS operation
Mark Sokolovsky, a 28-year-old Ukrainian national, admitted his role in the notorious Raccoon Infostealer malware operation. Sokolovsky faces a range of charges, including computer hacking, fraud, identity theft, and money laundering.
The man was apprehended in the Netherlands in March 2022 after an international law enforcement operation dismantled the infrastructure behind Raccoon Infostealer. Following his arrest, Sokolovsky was extradited to the US in February 2024 to stand trial.
According to court documents, Sokolovsky played a key role in running Raccoon Infostealer as part of a Malware-as-a-Service (MaaS) scheme. The platform allowed cybercriminals to lease the malware for approximately $200 per month, with payments made in cryptocurrency. The malware was primarily distributed through phishing campaigns designed to trick victims into downloading the data-stealing malware.
As part of his plea agreement, Sokolovsky has agreed to forfeit nearly $24,000 and pay over $910,000 in restitution.
Two fraudsters charged in a $1M DoorDash wage theft scheme
The US authorities have indicted two men from Texas, Oluwatobi Otukelu and Evan Edwards, for orchestrating a scheme that defrauded DoorDash drivers, or “Dashers,” out of more than $1 million. The indictment accuses Otukelu and Edwards of impersonating Dashers to hijack their wages over the past two years.
The suspects allegedly targeted at least 138 DoorDash drivers across six US states. The men gained access to the personal identifying information (PII) of victims, including phone numbers, dates of birth, recent transactions, and partial driver’s license numbers. Using this information, Otukelu and Edwards posed as the drivers when contacting DoorDash customer support. They would claim that they had lost access to their accounts, convincing DoorDash representatives to reset the login details.
Once they gained control of the accounts, the pair would lock out the real drivers, change the account information, and reroute the drivers' wages to bank accounts under their control. They then used the stolen money to make personal purchases.
Investigators believe that Otukelu and Edwards may have also recruited DoorDash customer service representatives to assist in the fraud. The pair was arrested on September 26, 2024. They face multiple charges, including conspiracy to commit wire fraud and aggravated identity theft.
The US charges market makers, crypto projects, and individuals in a major crypto manipulation scheme
US authorities have charged four companies and over a dozen individuals for orchestrating a scheme to artificially inflate the value of cryptocurrency tokens, duping investors into buying coins at inflated prices while profiting from fees and sham trades.
Federal prosecutors have charged firms Gotbit, ZM Quant, CLS Global, and MyTrade, along with the leaders and employees of these and other companies. The takedown has led to four arrests, guilty pleas from five individuals, and the seizure of over $25 million in cryptocurrency. According to the authorities, the defendants allegedly engaged in wash trading aka round trip trading - an illegal practice in which an entity simultaneously sells and buys the same financial assets.
As part of the investigation, the FBI established a cryptocurrency company, which launched its own token on the Ethereum blockchain. Prosecutors allege that the above-mentioned companies agreed to manipulate the FBI-created token as part of the larger scheme.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter