[TheRecord] Ukrainian indicted for running brute-force botnet, selling hacked PC accounts

The US Department of Justice announced today the extradition of a Ukrainian national from Poland on charges of selling access to compromised computer systems via a specialized marketplace on the dark web.

Glib Oleksandr Ivanov-Tolpintsev, 28, of Chernivtsi, Ukraine, stands accused of creating a botnet of compromised computers across the world.

According to court documents [PDF], for more than four years, the suspect operated this botnet in order to execute brute-force attacks that decrypted and guessed login credentials for computers across the world (believed to be RDP accounts).

US officials said that once Ivanov-Tolpintsev successfully validated the compromised credentials, they were put up for sale on 

All validated credentials were then sold on a dark web marketplace dedicated to the sale of compromised computer accounts. US officials said Ivanov-Tolpintsev sold the login credentials of at least 2,000 computers every week.

“Once sold on this website, credentials were used to facilitate a wide range of illegal activity, including tax fraud and ransomware attacks,” DOJ officials said in a press release.

Ivanov-Tolpintsev ran his operation from May 2016 to October 2020, when he was arrested in a small Polish village named Korczowa, just 1km away from the Polish-Ukrainian border.

Authorities said the Ukrainian faces up to 17 years in prison if found guilty on all charges, which include conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords.

The post Ukrainian indicted for running brute-force botnet, selling hacked PC accounts appeared first on The Record by Recorded Future.
