The US Department of Justice (DoJ) on Thursday announced the closure of an illegal marketplace called Rydox (“rydox.ru” and “rydox(.)cc”) for selling stolen personal information, access devices and other tools for cybercrime and fraud.
Three Kosovo citizens and service administrators Ardit Kutlesi, Jetmir Kutlesi and Shpend Sakoli were arrested in tandem. Ardit Kutlesi and Jetmir Kutlesi are expected to be extradited to the US by Falcon, who was detained December 12, 2024 will be charged and prosecuted in Albania.
“Rydox Marketplace has conducted over 7,600 sales of personally identifiable information (PII), stolen access devices, and cybercrime tools, generating at least $230,000 in revenue since its inception in or around February 2016,” it said in the message of the Ministry of Justice. said in the statement.
This included credit card information and credentials stolen from thousands of victims living in the United States. Rydox is said to have advertised more than 321,372 cybercrime products such as scam pages, spam logs and spam tutorials to more than 18,000 users.
Court documents to reveal that users were required to register for an account to purchase or sell illegal products and services and deposit an amount of cryptocurrency into their accounts, which were then placed in a wallet controlled by the defendants.
Rydox also charged registered users a one-time fee ranging from $200 to $500 to become authorized sellers. These sellers received 60% of each sale on the marketplace, and Rydox kept the rest.
According to the charging document, an undercover source at the Federal Bureau of Investigation (FBI) registered a Rydox account, deposited the equivalent of $300 in cryptocurrency, and purchased approximately 40 “fulls,” which refers to a package containing individuals’ personal and financial information. . .
This included the victims’ full names, email addresses, residential addresses, phone numbers, social security numbers, dates of birth and driver’s license numbers.
In coordination with the operation, the FBI and the Royal Malaysian Police seized servers in Kuala Lumpur to take the site offline. Additionally, approximately $225,000 worth of cryptocurrency was seized from accounts controlled by the defendants.
Albanian authorities said they separately seized one computer and six laptops, five mobile phones and other storage devices, as well as documents and monetary assets in cryptocurrencies as part of an investigation into Sakoli’s arrest.
Ardit Kutlesha and Jetmir Kutlesha are charged with two counts of identity theft, one count of conspiracy to commit identity theft, one count of aggravated identity theft, one count of access device fraud and one count of money laundering. If convicted, they both face a maximum sentence of 37 years in prison.
Nigerian citizen extradited to US under BEC scheme
The development is underway as the Ministry of Justice announced the extradition of Abiola Kayode, 37, from Nigeria to face charges for his alleged involvement in a business email hacking (BEC) scheme from January 2015 to September 2016 to defraud businesses of more than $6 million.
“Kayode’s co-conspirators posed as the chief executive officer, president, owner or other executive officer of the target company,” the Justice Department said. “Using fake email accounts to appear as if they belonged to a real company executive, Kayode’s associates directed corporate employees or email recipients to make wire transfers.”
Kayode is alleged to have passed on bank account information to the conspirators. These bank accounts belonged to victims of online fraud who were instructed to transfer funds to other bank accounts.
In late October 2024, one of Kayode’s co-conspirators, 41-year-old Nigerian national Alex Ogunshakin, was convicted awarded to almost four years in prison. Then last week there was another 39-year-old Nigerian, Okechukwu Valentine Osuji. awarded up to eight years in prison for running a BEC scheme in several countries, including the US
Spain discovered the Vishing ring
The law enforcement action also coincides with the disruption of a phishing network that defrauded more than 10,000 bank customers in a joint operation led by Spanish and Peruvian officials. A total of 83 people were arrested in connection with the operation, including the leader of the cybercriminal group, 35 in various parts of Spain and 48 in Peru.
The individuals were linked to a phishing scam call center based in Peru that made thousands of phone calls every day in which they pretended to be bank employees and tricked users into providing verification codes, tricking them into believing the fraudulent charges and their accounts were blocked.
These codes were then passed on to other members of the group in Spain, who used them to withdraw cash from ATMs. The fraudulent scheme is estimated to have generated more than €3,000,000 ($3.15 million) in illegal profits.
“Once they had the money, they appropriated a percentage that ranged from 20 to 30% and transferred the rest to an organization in Peru through companies that send cash to other countries,” Spain’s Policía Nacional said. said.
The FSB of Russia detained a group of cybercriminals
In this regard, the Federal Security Service of Russia (FSB) stated that this is the case detained 11 executives and employees who allegedly ran a chain of call centers that engaged in large-scale financial fraud, netting them $1 million a day in illegal profits.
“Call centers” were part of an international organized criminal group that, under the guise of investment operations, committed mass fraud against citizens of the EU, Great Britain, Canada, Brazil, India, Japan, etc., the FSB said in a statement. said. “About 100,000 people living in more than 50 countries became victims of their illegal activities.”
The agency also claimed that the network “acted in the interest of the former defense minister of Georgia and the founder Milton GroupDavid Kezerashvili, who is now hiding in London.”
In April 2023 BBC published investigation (now discontinued) of a fraudulent global trading network called Milton Group that cheated unwitting customers. In Kezerashvili, however, there is rejected the accusationsstating that “I have nothing to do with the Milton Group or any call center scam”.
However, in early September 2024, the Prosecutor’s Office of Georgia said that more than $1 million in illegal call center fraud proceeds allegedly went into the bank accounts of Davit Kezerashvili and two family members.
