A Moldovan national has been extradited from the United Kingdom to face charges related to allegedly running an online marketplace selling access to compromised computers.
Sandu Diaconu, 31, appeared in a Florida courtroom on Monday for his arraignment. According to a Department of Justice press release, Diaconu was an administrator for the E-Root Marketplace, which was taken down by authorities at the end of 2020. Buyers could allegedly seek out “compromised computer credentials” on the site, such as remote desktop and secure shell access, “by desired criteria such as price, geographic location, internet service provider, and operating system.”
According to the DOJ, the site used an online payment system called Perfect Money to conceal the chain of payments.
“It also offered its illicit cryptocurrency exchange service for the purpose of converting Bitcoin to Perfect Money and vice-versa,” the Justice Department said. “This exchange was also seized.”
Authorities estimate that credentials belonging to 350,000 devices were listed for sale on the marketplace, with victims spread globally. According to the release, one such victim was a local government agency in Tampa, Florida.
“Many victims were subject to ransomware attacks, and some of the stolen credentials listed on the Marketplace were linked to stolen identity tax fraud schemes,” they wrote.
Diaconu was arrested while trying to leave the U.K. in May 2021, and was ordered extradited to the U.S. last month by Westminster Magistrates’ Court.
Along with an unnamed co-defendant, he is charged with conspiracy to commit access device and computer fraud, wire fraud conspiracy, money laundering conspiracy, access device fraud, and computer fraud, which together carry a maximum penalty of 20 years in prison.
The FBI and its partners around the world have aggressively targeted cybercriminals in the last year, carrying out dramatic operations against the infrastructure that is the backbone of the digital underworld. In April, the agency led a takedown of Genesis Market, which coincided with the arrest of more than 100 accused cybercriminals connected to the dark web platform.
In September, the DOJ unveiled indictments against nine foreign nationals with alleged ties to Trickbot malware and the Conti ransomware group.
Get more insights with the
Recorded Future
Intelligence Cloud.
No previous article
No new articles
James Reddick has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.