Login

Register

Login

Register

FBI arrests alleged owner of Deer.io, top market for stolen accounts – Naked Security


The FBI on Saturday arrested the alleged owner of Deer.io: a Russia-based marketplace for buying and selling credentials for hacked accounts siphoned off of malware-infected computers, victims’ personally identifiable information (PII), as well as financial and corporate data.

According to the arrest warrant, the suspect, Kirill Victorovich Firsov, was arrested at the John F. Kennedy Airport, in New York.

The unsealed indictment claims that Deer.io started up around October 2013 and claims to host over 24,000 active shops. They’re doing brisk business, with sales exceeding $17 million to date, selling hacked accounts for video streaming services like Netflix and Hulu and social media platforms such as Facebook, Twitter and Vkontakte (the Russian equivalent of Facebook). It also sells phony social media accounts, which are popular for crooks running online dating scams.

Court documents claim that Firsov is a Russian hacker and allegedly the administrator of Deer.io. He not only managed the platform, the indictment alleges; he also advertised it on other cyber forums that catered to hackers.

Out of all the shops on Deer.io, the FBI still hasn’t found a single legitimate business advertising its services and/or products, and it’s been looking. The Bureau reviewed about 250 storefronts and found thousands of compromised accounts posted for sale, including gamer accounts, along with files containing user names, passwords, US taxpayer IDs, dates of birth, and addresses for victims, who are largely located in Europe and the US.

Deer.io offers a “turnkey” online storefront design and hosting platform on Russian servers that are beyond the reach of US law enforcement, according to court papers. Besides helping cybercrooks to advertise and sell their products, much like an underworld Shopify or Squarespace, Deer.io also offers services, such as help with criminal hacking.

Buying a storefront to peddle your criminal products and services is quite cheap at around 800 Russian Rubles (USD $11) per month, and Deer.io guides the seller through an automated set-up to upload their wares and to configure cryptocurrency wallets to collect payments.

A criminal who wants to purchase from stores on the Deer.io platform can just use a web browser – there’s no fussing with tools to get to Dark Web hidden sites. The site even contains a search function, so buyers can search for hacked accounts from specific companies or PII from specific countries.

Earlier this month, the FBI went shopping. It bought approximately 1,100 compromised gamer accounts from a Deer.io store for under $20 in Bitcoin. That got it user names and passwords – which would be enough to enable someone to make purchases from those accounts at the expense of their real owners.

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW