A Citizen Of Ukraine Was Accused Of Managing A Brute-force Botnet

✨ Megiddo

The US Department of Justice reported that 28-year-old Ukrainian citizen Gleb Ivanov-Tolpintsev, who is accused of selling access to hacked computer systems through a specialized darknet marketplace, was extradited from Poland.

According to court documents, the suspect ran a botnet for more than four years, which he used to conduct brute-force attacks. Presumably, he was guessing RDP credentials.

Ivanov-Tolpintsev reportedly worked online under several aliases, and investigators established his true identity by requesting access to his Google email account and identifying the Jabber account he used to contact buyers.

By studying Jabber chats, the FBI learned how Ivanov-Tolpintsev was able to become a darknet seller. For example, in 2017, he asked about an unnamed marketplace's requirements for sellers and was told to have a credential database for at least 5,000 servers and to put up for sale at least 500 credentials every week. The suspect stated that he met these requirements.

The Justice Department reports that Ivanov-Tolpintsev ended up brute-forcing and putting up for sale approximately 2,000 credentials per week. Under the name Mars, he sold access to 6,704 computers and earned $82,648 from this.

U.S. authorities say the Ukrainian now faces up to 17 years in prison if found guilty on all charges, including conspiracy, trafficking in unauthorized access devices, and trading in passwords for computer systems.

• Source: justice[.]gov/usao-mdfl/pr/ukrainian-cyber-criminal-extradited-decrypting-credentials-thousands-computers-across

• Source: justice[.]gov/usao-mdfl/press-release/file/1431116/download
 