Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace.
Ivanov-Tolpintsev claimed to some of his co-conspirators that he could crack credentials for over 2,000 systems each week in brute-force attacks using a botnet under his control.
“During the course of the conspiracy, Ivanov-Tolpintsev boasted that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week,” the Department of Justice revealed today.
“From 2017 through 2019, Ivanov-Tolpintsev listed for sale thousands of login credentials of servers on the Marketplace, including more than 100 in the Middle District of Florida.”
The stolen credentials sold on the dark web can be used by threat actors in a wide range of attacks (e.g., data theft, ransomware attacks) or to proxy their activity and cover the trails of other attacks.
Identified after analyzing Jabber chats
Even though Ivanov-Tolpintsev operated online under multiple aliases, the DOJ subpoenaed emails from Google to identify his real identity and a Jabber address he used to communicate with representatives of the marketplace he told the stolen credentials on.
According to court documents, after analyzing the thousands of Jabber chats obtained during the investigation, FBI agents made a timeline of Ivanov-Tolpintsev’s activity as a seller and his attempts to become one on the dark web marketplace.
As they found out, using the alias “Mars,” the Ukrainian cybercriminal allegedly put up for sale access to 6,704 computers, earning a total of $82,648 after selling them on the dark web marketplace.
He was arrested by Polish authorities in Korczowa, Poland, two years ago, on October 3, 2020, and was extradited to the United States according to the extradition treaty between the two countries.
Ivanov-Tolpintsev faced charges of conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords.
On February 22, 2022, he pleaded guilty and was sentenced to 4 years in federal prison, although he faced a maximum penalty of 17 years in prison.
Source: https://www.bleepingcomputer.com/news/security/ukrainian-imprisoned-for-selling-access-to-thousands-of-pcs/