A Ukrainian Has Been Arrested for Selling Access to Thousands of Computers

A Ukrainian Has Been Arrested for Selling Access to Thousands of Computers

Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian, was sentenced to four years in prison today for stealing tens of thousands of login passwords per week and selling them on the dark web.

Ivanov-Tolpintsev stated to some of his accomplices that he could brute-force break passwords for over 2,000 systems per week using a botnet he controlled.

The Department of Justice announced today that “over the course of the conspiracy, Ivanov-Tolpintsev boasted that his botnet was capable of decrypting the login passwords of at least 2,000 machines every week.”

“From 2017 through 2019, Ivanov-Tolpintsev sold thousands of server login credentials on the Marketplace, including over 100 in the Middle District of Florida.”

Threat actors can use stolen credentials sold on the dark web in a variety of attacks (e.g., data theft, ransomware attacks) or to proxy their activity and hide the traces of other assaults.

After examining Jabber communications, this was discovered

Despite the fact that Ivanov-Tolpintsev used various aliases online, the DOJ obtained emails from Google in order to determine his true identity and a Jabber address he used to connect with representatives of the marketplace where the stolen credentials were sold.

According to court filings, FBI agents created a timeline of Ivanov-behavior Tolpintsev’s as a seller and his attempts to become one on the dark web marketplace after analyzing hundreds of Jabber messages seized during the investigation.

As they discovered, the Ukrainian cybercriminal allegedly used the identity “Mars” to sell access to 6,704 computers on the dark web marketplace, earning a total of $82,648.

On October 3, 2020, he was detained by Polish police in Korczowa, Poland, and extradited to the United States under the extradition treaty between the two countries.

Ivanov-Tolpintsev was charged with conspiracy, illegal access device trafficking, and computer password trafficking.

He pleaded guilty on February 22, 2022, and was sentenced to four years in federal prison, although facing a maximum sentence of seventeen years.

Source

Share this on

Facebook
LinkedIn
Twitter
Pinterest
Email
WhatsApp
Telegram
Skype