Moldovan accused of running cybercrime marketplace to face charges in US

Jason Macuray
A Moldovan national has been extradited from the United Kingdom to face charges related to allegedly running an online marketplace selling access to compromised computers.

A Moldovan national has been extradited from the United Kingdom to face charges related to allegedly running an online marketplace selling access to compromised computers.

Sandu Diaconu, 31, appeared in a Florida courtroom on Monday for his arraignment. According to a Department of Justice press release, Diaconu was an administrator for the E-Root Marketplace, which was taken down by authorities at the end of 2020. Buyers could allegedly seek out “compromised computer credentials” on the site, such as remote desktop and secure shell access, “by desired criteria such as price, geographic location, internet service provider, and operating system.”

According to the DOJ, the site used an online payment system called Perfect Money to conceal the chain of payments.

“It also offered its illicit cryptocurrency exchange service for the purpose of converting Bitcoin to Perfect Money and vice-versa,” the Justice Department said. “This exchange was also seized.”

Authorities estimate that credentials belonging to 350,000 devices were listed for sale on the marketplace, with victims spread globally. According to the release, one such victim was a local government agency in Tampa, Florida.

“Many victims were subject to ransomware attacks, and some of the stolen credentials listed on the Marketplace were linked to stolen identity tax fraud schemes,” they wrote.

Diaconu was arrested while trying to leave the U.K. in May 2021, and was ordered extradited to the U.S. last month by Westminster Magistrates’ Court.

Along with an unnamed co-defendant, he is charged with conspiracy to commit access device and computer fraud, wire fraud conspiracy, money laundering conspiracy, access device fraud, and computer fraud, which together carry a maximum penalty of 20 years in prison.

The FBI and its partners around the world have aggressively targeted cybercriminals in the last year, carrying out dramatic operations against the infrastructure that is the backbone of the digital underworld. In April, the agency led a takedown of Genesis Market, which coincided with the arrest of more than 100 accused cybercriminals connected to the dark web platform.

In September, the DOJ unveiled indictments against nine foreign nationals with alleged ties to Trickbot malware and the Conti ransomware group.

BriefsCybercrimeGovernmentPeople
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Russia and China-linked hackers exploit WinRAR bug

Next Post

JetBrains vulnerability being exploited by North Korean gov’t hackers, Microsoft says

Related Posts

Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign

The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. "While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater’s methods remain constant," Deep
Avatar
Read More