Moldovan national sentenced in E-Root cybercrime marketplace case

A 31-year-old Moldovan national was sentenced to 42 months in U.S. federal prison for operating a series of websites used to sell access to compromised computers worldwide, the U.S. Department of Justice said on Thursday.

According to court documents, Sandu Boris Diaconu was an administrator for the E-Root Marketplace, which listed more than 350,000 compromised credentials for sale, including those belonging to companies and individuals in the U.S. 

The victims included at least one local government agency in Tampa, Florida, prosecutors said. Authorities took down E-Root in 2020.

Diaconu was arrested while attempting to leave the U.K. in May 2021 and was extradited to the U.S. in October. He pleaded guilty in December.     

E-Root operated across a widely distributed network and took steps to hide the identities of its administrators, buyers, and sellers. Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords, by desired criteria: price, geographic location, internet service provider and operating system.

The compromised credentials allowed criminals to access remote computers and steal private information or manipulate the contents of those computers. E-Root’s victims often were subject to ransomware attacks, and some of the stolen credentials listed on the marketplace were linked to stolen identity tax fraud schemes.

The E-Root Marketplace used Perfect Money, a legitimate online payment system, to help conceal buyers’ payments. The marketplace administrators offered an illicit cryptocurrency exchange service to convert bitcoin to Perfect Money and vice-versa. This exchange was also seized by U.S. law enforcement.