Feds Shut Down Russian Hacking Site, Arrest Manager

SAN DIEGO (CN) – The FBI on Tuesday shut down a cyber-platform that had more than $17 million in sales for criminal products and services — the largest centralized platform for purchasing compromised social media and financial accounts — following the arrest of its administrator, a Russian hacker who stole customer information from U.S. companies.

DEER.IO was shut down Tuesday based on a seizure order from the U.S. District Court for the Southern District of California.

The U.S. Attorney’s Office noted that the website’s manager, 28-year-old Kirill Victorovich Firsov, was arrested March 7 in New York City after advertising his platform on other cyber-forums that cater to hackers.

If convicted, Firsov faces a maximum sentence of 10 years in prison and a $250,000 fine.

FBI Special Agent in Charge Omer Meisel said in a statement the seizure would cause a significant hit.

“The seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad,” Meisel said.

Since October 2013, the DEER.IO hacker platform allowed 24,000 active virtual stores to sell hacked or compromised U.S. and international financial and corporate data, personally identifiable information and compromised user accounts from U.S. companies, according to the 6-page complaint.

The platform was easy to use and allowed for the automated purchase and delivery of criminal goods and services. Cybercriminals looking to purchase hacked accounts from specific companies or personally identifiable information from specific countries could use a search function on the platform to find what they were looking for, according to the complaint.

Users paid for their purchases with cryptocurrency such as bitcoin or through Russian-based money transfer systems.

Storefronts were purchased for 800 rubles, approximately $12.50 a month, and paid through Russian payment methods such as the money-transfer platform WebMoney.

Individuals could also buy computer files, financial information and usernames and passwords stolen from computers infected with malware.

Victims of the compromised data are largely located in Europe and the United States, according to the complaint.

Among purchases from DEER.IO storefronts hosted on Russian servers, the FBI on March 4 bought approximately 1,100 gamer accounts from the store ACCOUNTS-MARKET.DEER.IS for under $20 in bitcoin.

The accounts purchased by the FBI included the username and password for each account. Of the 1,100 gamer accounts, 249 accounts were hacked from a business identified as Company A in the complaint, prosecutors say.

The company confirmed to the FBI that a hacker with access to a username and password could use the account, which provided access to the user’s entire media library and often had linked payment methods.

On March 5, the FBI purchased 999 individual personally identifiable information accounts from the DEER.IO store SHIKISHOP.DEER.IS for approximately $170 in bitcoin. The FBI purchased another 2,650 individual personally identifiable information accounts later the same day for approximately $522 in bitcoin.

Several individuals residing in San Diego County were identified by the FBI using the names, dates of birth and U.S. Social Security numbers from the information purchased on DEER.IO.

Firsov is scheduled to be arraigned April 16.

%d bloggers like this: