Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

US Police Detective Charged With Purchasing Stolen Credentials

Terrance Michael Ciszek is charged with buying stolen account credentials from the Genesis Market dark web marketplace.

The US Department of Justice has announced charges against a Buffalo police detective who allegedly bought stolen credentials and on an underground darkweb marketplace.

According to the indictment, 34-year-old Terrance Michael Ciszek (also known as DrMonster) purchased 11 packages on Genesis Market between March 16 and July 29, 2020, including 194 stolen account credentials.

Launched in 2018 as an invite-only marketplace, Genesis Market provided users with access to so-called bots, which were stolen browser fingerprints enabling miscreants to access services and systems while making the requests seem like coming from legitimate users.

These pre-made packages enabled cybercriminals to execute attacks quickly and steal funds or perform other types of fraud before their victims could spot the compromise.

In April 2023, law enforcement agencies in the US, Australia, and Europe announced the takedown of Genesis and the arrest of 120 individuals allegedly associated with the marketplace’s operations.

Ciszek, the indictment alleges, was interrogated on April 4, 2023, regarding his use of Genesis, and lied to the FBI, claiming he made no purchase on the marketplace and stating that his nephew might have been responsible for those purchases.

The indictment also alleges that Ciszek had cryptocurrency wallet addresses associated with the dark web carding website UniCC, and that he had recorded a video explaining his use of UniCC and how he was hiding his identity when purchasing stolen credit cards.

In the video he also praised UniCC, claiming that he was usually getting his credit cards from the website.

Advertisement. Scroll to continue reading.

Ciszek was charged “with possession of unauthorized access devices with intent to defraud and making a false statement to an agency of the United States, which carry a maximum penalty of 10 years in prison,” the DoJ announced.

Related: Anonymous Sudan DDoS Service Disrupted, Members Charged by US

Related: Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges

Related: UK Court Says Assange Can’t be Extradited on Espionage Charges Until US Rules Out Death Penalty

Related: Trump Confirms U.S. Launched Cyberattack on Russian Troll Farm in 2018

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.