Abdellah Belmili, a 26-year-old Algerian national, was recently arrested in Spain and extradited to the United States, where he faces up to 30 years in prison for allegedly running two cybercrime marketplaces.
According to the US Justice Department, Belmili, also known as Dila Belmili and Spox, was the administrator of a cybercrime marketplace called Market0Day between September and December 2020.
Authorities said Spox was known for developing phishing kits targeting major American financial institutions.
The US investigators who targeted the Market0Day website successfully purchased a JPMorgan Chase phishing kit and access to a compromised email server in December 2020.
Shortly after, Spox announced that he was no longer the administrator of Market0Day and instead had created a new marketplace named Spoxy, where cybercriminals could acquire ‘bulk SMS’ services, which enabled them to conduct mass phishing and other campaigns through text messages.
“During the course of the conspiracy, Belmili is accused of defrauding multiple institutions, including American Express, Bank of America, JPMorgan Chase, and Wells Fargo, as well as financial institutions in the United Kingdom,” the Justice Department said.
It added, “Between January 2020 and January 2023, approximately $900,000 was deposited into an account controlled by Belmili. The investigation has also identified approximately 5,600 U.S. and international victims.”
Belmili is in custody after being charged with conspiracy to commit bank fraud.
While the crimes allegedly committed by the Algerian national took place several years ago, the US has recently shown that it will prosecute cybercriminals long after their crimes. A Romanian man was recently extradited to the United States for his alleged role in a hacking scheme dating back 17 years.
Related: Russian Initial Access Broker Behind FortiBleed Campaign
Related: Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
Related: Dutch Police Dismantle Massive 17-Million-Device Botnet
