Security Experts:

Connect with us

Hi, what are you looking for?



Carding Website Operator Extradited to United States

The Department of Justice announced on Friday that a Macedonian citizen charged with crimes related to operating a cybercrime marketplace has been extradited to the United States.

The Department of Justice announced on Friday that a Macedonian citizen charged with crimes related to operating a cybercrime marketplace has been extradited to the United States.

Djevair Ametovski, 29, known online as “Codeshop,” “Sindrom” and “Sindromx,” is believed to be the operator of, a website that specialized in selling stolen payment card information.

Ametovski has been charged with aggravated identity theft, access device fraud conspiracy, and wire fraud conspiracy. The suspect was extradited from Slovenia, where we was arrested in January 2014.

According to U.S. authorities, the man acquired credit and debit card data from hackers who had stolen it from financial institutions, businesses, or directly from individuals via phishing attacks. In many cases, the data also included the victim’s name, email address, billing address and phone number.

Investigators believe Ametovski used his carding website to buy and sell data associated with more than 181,000 payment cards between 2010 and 2014. The suspect is said to have used a network of online payment services and digital currencies to conduct transactions without exposing his identity or the identities of his suppliers and customers.

The complaint unsealed last week noted that the website was primarily leveraged by individuals who encoded plastic cards with stolen data, which they used to withdraw cash from ATMs. Buyers could search the marketplace for specific types of data based on bank identification number, financial institution, country, state and card brand.

Authorities said the scheme caused losses of millions of dollars to thousands of victims from all across the world.

“Today’s extradition of alleged cybercriminal Djevair Ametovski from Central Europe is the culmination of a seven-year investigation and demonstrates the relentless pursuit by the Secret Service and its international partners to bring cybercriminals to justice,” said David E. Beach, Special Agent in Charge at the Secret Service’s New York field office.

“Multinational cyber investigations require establishing critical partnerships with our international law enforcement partners. The immeasurable assistance provided to our New York Electronic Crimes Task Force by the Slovenian Authorities in this case illustrates that our investigative reach will continue to expand beyond the borders of the United States,” Beach added.

Last year, the U.S. Department of State announced that it’s prepared to offer a total of $3 million for information leading to the arrest or conviction of two Russian nationals suspected of being involved in the operation of, a forum whose members specialized in trafficking and manufacturing stolen and counterfeit payment cards and identification documents.

Related Reading: EMV, IoT and Board Agendas Shape Cyber Fraud

Related Reading: SpyEye Developers Sentenced to 24 Years in Prison

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.