The Federal Bureau of Investigation recently took down a Russian-based online platform where various cybercrime products and services were being sold, the Department of Justice announced on Tuesday.
In addition to shutting down the platform, the FBI arrested its suspected administrator, alleged Russian hacker Kirill Victorovich Firsov.
Known as DEER.IO, the cyber platform allowed criminals to sell products or services through online storefronts in exchange for a fee. Active since at least October 2013, the platform claimed to have over 24,000 active shops and sales above $17 million.
Firsov, of Russian origin, was arrested on March 7 in New York City. He allegedly managed the DEER.IO platform and also advertised it on various cyber forums catered to hackers.
The virtual stores on DEER.IO offered hacked and compromised financial and corporate data from the United States and abroad, personally identifiable information (PII), and user accounts from U.S. companies. From these stores, miscreants could also buy files taken from infected computers located both in the U.S. and abroad.
No legitimate business was found to be advertising services or products to any of the DEER.IO storefronts, the DoJ says.
The online stores were hosted on Russian-controlled infrastructure, and the FBI was able to make purchases from DEER.IO storefronts hosted on Russian servers, the DoJ says. Shop owners were provided with an easy-to-use interface that facilitated the automated purchase and delivery of criminal goods and services.
Cybercriminals could purchase access to virtual shops via the DEER.IO platform, and then be guided through an automated setup process to upload products and services and configure crypto-currency wallets to collect payments.
As of 2019, storefronts could be purchased directly from the DEER.IO website for an 800 Rubles (~ $12.50) monthly fee, payable in Bitcoin or through various online payment methods, including the Russian based money transfer system WebMoney.
Miscreants could access the storefronts on the DEER.IO platform via web browsers and were also provided with a search function to find the information they were looking for. Purchases were conducted using crypto-currency or through WebMoney.
At the beginning of March 2020, the FBI managed to purchase gamer accounts from a DEER.IO store, being provided with a username and password for each account, as well as individual PII accounts that included names, dates of birth and U.S. Social Security numbers for individuals in San Diego County.
“Deer.io was the largest centralized platform, which promoted and facilitated the sale of compromised social media and financial accounts, personally identifiable information (PII) and hacked computers on the Internet. The seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad,” FBI Special Agent in Charge Omer Meisel stated.
Related: Microsoft Cracks Infrastructure of Infamous Necurs Botnet
Related: Authorities Take Down Cryptocurrency Mixing Service Bestmixer.io
