Arrest

The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services.

An international operation involving law enforcement authorities from the United States, Belgium, Ukraine, Germany, and the Netherlands, with support from Europol and Eurojust, led to the seizure of xDedic's domains and infrastructure in January 2019.

Law enforcement estimated at the time of its takedown that fraudulent activities facilitated through the xDedic cybercrime market totaled more than $68 million.

Before its shutdown, xDedic's administrators operated servers worldwide, using cryptocurrency payments to hide the location of their servers and the identities of the buyers, sellers, and admins.

xDedic allowed users to buy stolen credentials to compromised servers worldwide and U.S. residents' personally identifiable information (PII).

"In total, xDedic offered more than 700,000 compromised servers for sale, including at least 150,000 in the United States and at least 8,000 in Florida," the Justice Department said.

Victims whose information was sold on the marketplace came from various industries and locations worldwide, including local, state, and federal government entities, hospitals, universities, metropolitan transport authorities, accounting and law firms, and pension funds.

Lead developer and marketplace admin already in prison

12 out of the 19 suspects charged following the international investigation into xDedic's activity have already been sentenced, five are scheduled to receive a sentence, and two are pending extradition from the United Kingdom.

Name (Age, Nationality) Offense of conviction Imprisonment term
Allen Levinson (31, Nigeria) Conspiracy to Commit Mail and Wire Fraud 78 months
T’Andre McNeely (33, California) Conspiracy to Commit Mail and Wire Fraud 78 months
Michael Carr (33, California) Conspiracy to Commit Mail and Wire Fraud 78 months
Dariy Pankov (29, Russia) Conspiracy to Commit Access Device & Computer Fraud 60 months
Glib Ivanov-Tolpintsev (29, Ukraine) Conspiracy to Commit Access Device & Computer Fraud 48 months
Alexandru Habasescu (31, Moldova) Access Device Fraud 41 months
Adedotun Adejumo (45, Oklahoma) Conspiracy to Commit Wire Fraud 33 months
Pavlo Kharmanskyi (32, Ukraine) Access Device Fraud 30 months
Joshua Spencer (29, New York) Conspiracy to Commit Access Device Fraud 28 months
Ibrahim Jinadu (36, Georgia) Conspiracy to Commit Wire Fraud 27 months
Brandon Williams (34, California) Conspiracy to Commit Mail and Wire Fraud 12 months
Harold McKinzie (29, Illinois) Wire Fraud 5 years probation
Bamidele Omotosho (42, Nigeria) Conspiracy to Commit Wire Fraud Sentence pending
Olayemi Adafin (38, UK) Conspiracy to Commit Wire Fraud Sentence pending
Olakunle Oyebanjo (29, UK) Conspiracy to Commit Wire Fraud Sentence pending
Akinola Taylor (38, UK) Conspiracy to Commit Wire Fraud Sentence pending
Oluwarotimi Ogunlana (29, Texas) Conspiracy to Commit Wire Fraud Sentence pending
Olufemi Odedeyi (42, UK) Conspiracy to commit wire fraud, aggravated id. theft Extradition pending
Oluwaseyi Shodipe (41, UK) Conspiracy to commit wire fraud, aggravated id. theft Extradition pending

Two xDedic administrators, Moldovan Alexandru Habasescu and Ukrainian Pavlo Kharmanskyi, were sentenced to 41 and 30 months in prison after being arrested in the Spanish Canary Islands in 2022 and the Miami International Airport in 2019, respectively.

Habasescu was also the market's lead developer and technical mastermind, while Kharmanskyi was the one who paid the admins, provided buyer support, and promoted the cybercrime website.

"Marketplace seller Dariy Pankov, a Russian national, was one of the highest sellers on the Marketplace by volume, listing for sale the credentials of more than 35,000 compromised servers located all over the world and obtaining more than $350,000 in illicit proceeds," the DOJ added.

"Nigerian national Allen Levinson was a prolific buyer on the Marketplace who held particular interest in purchasing access to U.S.-based Certified Public Accounting firms.

"He used the information he obtained from those servers to file hundreds of false tax returns with the United States government, requesting more than $60 million in fraudulent tax refunds."

Levinson was sentenced to 78 months in federal prison after his apprehension in the United Kingdom and extradition to the United States in 2020.

Last year, law enforcement also seized the Genesis stolen credentials market and arrested 288 dark web drug vendors and buyers as part of an international law enforcement operation codenamed Spector.

In June, the FBI seized the BreachForums hacking forum after arresting its owner Connor Brian Fitzpatrick (aka Pompompurin), in March.

Last but not least, in December, an international police operation led by Interpol led to the arrests of 3,500 cybercriminals and seizures of $300 million, while German police seized Kingdom Market, a dark web marketplace that dealt with cybercrime tools, drugs, and fake government IDs.

Related Articles:

Finland seizes servers of 'Sipultie' dark web drugs market

FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023

Washington courts' systems offline following weekend cyberattack

US warns of last-minute Iranian and Russian election influence ops

US disrupts Anonymous Sudan DDoS operation, indicts 2 Sudanese brothers