Police shut down Rydox cybercrime market, arrest 3 admins
Albanian law enforcement has seized the Rydox cybercrime marketplace and arrested three administrators in collaboration with international partners.
Kosovo nationals Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli were arrested on Thursday by Kosovo law enforcement and Albania's Special Anti-Corruption Body (SPAK). The U.S. Justice Department indicted the first two for involvement in Rydox's operations, and they're awaiting extradition to the United States.
Ardit Kutleshi and Jetmir Kutleshi face multiple charges related to their Rydox admin roles, including two counts of identity theft, conspiracy to commit identity theft, aggravated identity theft, access device fraud, and money laundering. If convicted, each could receive five years for each charge, 10 years for access device fraud, and up to 20 years for money laundering.
Since February 2016, Rydox marketplace sellers have been involved in over 7,600 sales of credit card information, login credentials, and personal information (such as social security numbers, names, and addresses) stolen from thousands of U.S. citizens, as well as various cybercrime tools and devices.
Rydox also offered for sale over 321,000 other "cybercrime products" to more than 18,000 users, including tools and materials for committing cyber crimes, such as tutorials and spam tools.
According to the indictment, registered users had to deposit a sum of cryptocurrency into their accounts before making a purchase, using Perfect Money, Ethereum, Litecoin, Bitcoin ("BTC"), Monero, Ripple, Tron, or Verge payments deposited into a cryptocurrency wallet controlled by Rydox.
They could use the funds to purchase illicit products, services, tools, and programs from Rydox sellers. However, once the funds were deposited, they were under the control of the defendants, who controlled the Rydox cryptocurrency wallets.
Rydox also charged registered users a one-time fee (that fluctuated between the equivalent of $200 and $500) to become authorized sellers on the marketplace. Rydox authorized sellers received 60% of the sale proceeds, while the market retained 40% from every sale.
The United States also obtained judicial authorization to seize the Rydox[.]cc domain, used to access the cybercrime marketplace's website.
Today, the FBI also seized servers in Kuala Lumpur that hosted the Rydox illicit marketplace with the help of the Royal Malaysian Police and took the website offline. The U.S. also received authorization to seize about $225,000 in cryptocurrency from the defendants' accounts.
The operation was carried out with the help of the FBI's Pittsburgh Office, Albania's National Bureau of Investigation (BKH), the Albanian Directorate of Cybercrime Investigation, the Kosovo Special Prosecutor's Office, the Kosovo Police, and the Malaysian Royal Police.
"The Rydox marketplace was a one-stop shop where upwards of 18,000 of its cybercriminal customers could choose from more than 300,000 cybercrime tools," said U.S. Attorney Eric G. Olshan on Thursday.
"While cybercrime often involves conduct occurring overseas and the actions of foreign nationals, its harms can be devastatingly local, with residents in our own communities suffering financial ruin as a result of the theft and misuse of their sensitive personal information."
Earlier this month, eight members of an international cybercrime network who set up fraud centers in rented Airbnb properties to steal millions of Euros from victims were arrested in Belgium and the Netherlands.
German law enforcement also shut down the country's largest online cybercrime marketplace and the Manson cybercrime market, arresting key suspects.
source: BleepingComputer