On Thursday, a Ukrainian man (a 28-year-old) was sentenced to four years in federal prison for selling decrypted usernames and passwords online and ordered to pay back illegal profits.
In an interview with some of his co-conspirators, Glib Oleksandr Ivanov-Tolpintsev from Chernivtsi in southwest Ukraine asserted that he was able to breach the security mechanisms of over 2,000 systems every week using brute force attacks against an automated botnet of his, which he controlled.
A number of details came to light concerning his case last year when details emerged of sloppy errors that led the authorities to link him to the sold credentials.
Here below we have mentioned all the sloppy errors:-
Vape shop receiptsPassport scansPictures on Google Photos
As a result of stolen credentials being sold on the dark web, threat actors are able to use these credentials for diverse attacks, such as proxies to hide their activity from being observed by the authorities.
Over 100 credentials in Florida (Middle District), where Ivanov-Tolpintsev was sentenced, were found listed for sale by the Tampa Division of the FBI and the IRS between 2017 and 2019.
Over 700,000 compromised servers were listed on the marketplace, with 150,000 coming from the US. All these servers were advertised to criminals to perform ransomware attacks or commit tax fraud.
In an attempt to make a profit on the dark web, the Ukrainian allegedly used an alias called “Mars” to sell access to 6,704 computers, earning a total of $82,648 after selling them for