DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Russian National Indicted in East Texas for Cyber Hacking Enterprise

Posted on March 23, 2022 by Dissent

Press release:

TYLER, Texas –A 23-year-old Russian man has been indicted in the Eastern District of Texas for offenses related to operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personal identifiable information, and authentication tools, announced Eastern District of Texas U.S. Attorney Brit Featherston.

Igor Dekhtyarchuk, a resident and national of the Russian Federation (Russia), was named in an indictment returned by a federal grand jury on March 16, 2022, charging him with offenses related to operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personal identifiable information, and authentication tools.

According to the indictment, Dekhtyarchuk operated Marketplace A, which claimed to have sold access to more than 48,000 compromised email accounts, more than 39,000 compromised online accounts, and averaged approximately 5,000 daily visitors.  Marketplace A specialized in the sale of unlawfully obtained access devices for compromised online payment platforms, retailers, and credit card accounts, including providing the data associated with those accounts such as names, home addresses, login credentials, and payment card data for the victims, who are the actual owners of those accounts.  Marketplace A’s business is known as a “carding shop” in the cyber-criminal world.

Dekhtyarchuk was the administrator of Marketplace A and was a Russian hacker who first appeared in hacker forums in November 2013 under the alias “floraby.”  Dekhtyarchuk began advertising the sale of compromised account data in Russian-language hacker forums in April 2018 and opened Marketplace A in May 2018.  Dekhtyarchuk immediately began advertising Marketplace A and the products it sold in May 2018.

A potential customer who visited Marketplace A to purchase access devices for compromised accounts could select different products just as in a legitimate web store.  The options included various combinations of online and credit card accounts for the same victim.  For example, one option allowed Dekhtyarchuk’s customers to purchase the information to unlawfully access two online retail accounts plus receive credit card information for the same victim.  Some options were broken down by known account balances, which were sold at different price points.

Dekhtyarchuk also sold the usage, in seven-day rental increments, of a program called “[Company A] Auth 1.0,” which was a downloadable software program that the customer could use to input the stolen access devices, and using the provided cookie, to access the compromised Company A accounts.

Beginning in March 2021 and ending in July 2021, the FBI through an online covert employee (OCE) made thirteen purchases of access devices from Dekhtyarchuk while accessing Marketplace A from the Eastern District of Texas.  Each purchase varied in number of accounts, ranging from three to twenty accounts, resulting in access devices purchased for a total of 131 accounts.  The OCE received the purchased access devices via link or Telegram messenger service shortly after completing each purchase.

Dekhtyarchuk has been placed on the FBI’s Cyber Most Wanted List.

“This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts,” said U.S. Attorney Brit Featherston.  “Cyber-criminals are lurking behind the glow of computer screens and are harming Americans.  These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people.  To those who dedicate their lives to stopping cyber-criminals, we thank you.”

“The cyber-criminal marketplace operated by Dekhtyarchuk promoted and facilitated the sale of compromised credentials, personally identifiable information (PII), and other sensitive financial information,” said FBI Houston Special Agent in Charge Jim Smith.  “Cyber-criminal actors behind these marketplaces go to great length to obfuscate their true identities and often utilize other sophisticated methods to further anonymize their activities.  Success in these complex investigations is dependent on teamwork and collaboration between the FBI, our international partners, and our private sector partners.  It is only through our commitment, coordinated efforts and strategic partnerships that we will be able to defeat the cyber threat.”

If convicted, Dekhtyarckuk faces up to 20 years in federal prison.  A grand jury indictment is not evidence of guilt.  A defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

This case is being investigated by the Federal Bureau of Investigation Houston Cyber Task Force with the assistance of the FBI Dallas Field Office, the FBI Cyber Division, the National Cyber-Forensics & Training Alliance, the FBI Legal Attaché Riga office, and the State Police of Latvia.  This case is being prosecuted by Assistant U.S. Attorney D. Ryan Locker.

Source: U.S. Attorney’s Office, Eastern District of Texas


The FBI’s wanted poster:

igor-dekhtyarchuk

Related posts:

  • UGNAZI Leader @JoshTheGod and 23 Others Arrested For Credit Card Fraud
  • Justice Department Announces Five Cases as Part of Recently Launched Disruptive Technology Strike Force
  • Criminal Marketplace Disrupted in International Cyber Operation — DOJ
Category: Breach IncidentsID Theft

Post navigation

← Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
Ca: St. Joe’s fires employee who snooped into medical records of 49 patients ‘out of curiosity’ →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.