Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Moldovan Operator of Credential Marketplace Sentenced to US Prison

Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.

Hacker sentenced

A Moldovan national has been sentenced to 42 months in prison in the US for operating an illicit marketplace on which hundreds of thousands of compromised credentials were offered for sale.

According to court documents, the man, Sandu Boris Diaconu, 31, created and managed E-Root Marketplace, a series of websites for selling access to compromised systems.

Diaconu was arrested in the UK in May 2021 and extradited to the US in October 2023. He pleaded guilty in December 2023.

Operating across a distributed network, E-Root Marketplace allowed buyers to search for various types of stolen credentials, including RDP and SSH, using criteria such as price, location, operating system, and internet service provider.

The marketplace also took steps to conceal the identity of administrators, sellers, and buyers, including by using the online payment system Perfect Money.

The E-Root Marketplace domain names were seized in 2020 along with an illicit cryptocurrency exchange service that allowed individuals to convert Bitcoin to and from Perfect Money.

According to court documents, the marketplace listed for sale more than 350,000 compromised credentials, including those of a local government agency in Tampa.

The usernames and passwords allowed buyers to steal information from victim computers or manipulate files on them. Many of the victims were targeted in ransomware attacks, while others in stolen identity tax fraud schemes.

Advertisement. Scroll to continue reading.

Diaconu was sentenced to 42 months in prison and 36 months of supervised release for “conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices”.

Related: LockBit Ransomware Affiliate Sentenced to Prison in Canada

Related: Russian TrickBot Malware Developer Sentenced to Prison in US

Related: Owner of Cybercrime Website BreachForums Sentenced to Supervised Release

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Kim Larsen is new Chief Information Security Officer at Keepit

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

More People On The Move

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.