ФБР взяло Deer.io на учет - Руководителя российского маркетплейса арестовали в США
ФБР взяло Deer.io на учет - Руководителя российского маркетплейса арестовали в США
Газета "Коммерсантъ" №43 от 11.03.2020, стр. 10
Сотрудники ФБР арестовали в США россиянина Кирилла Фирсова, которого считают руководителем маркетплейса Deer.io. На нем размещаются более 24 тыс. интернет-магазинов, в том числе продающих данные взломанных учетных записей. Даже потенциальное закрытие одной из платформ мало на них повлияет, считают эксперты в сфере кибербезопасности.
Сотрудники ФБР 7 марта арестовали в США Кирилла Фирсова, предположительного руководителя платформы Deer.io — конструктора интернет-магазинов для перепродажи взломанных учетных записей, следует из документов, опубликованных 10 марта профильными американскими интернет-ресурсами, включая ZDNet. ФБР проанализировало более 250 интернет-магазинов, размещенных на Deer.io, придя к выводу, что все они продавали доступ к взломанным учетным записям, серверам и личной информации. ФБР приобрело около 1 тыс. аккаунтов, чтобы удостовериться в подлинности информации, следует из обвинительного заключения. Кирилл Фирсов «не только управлял платформой, но и рекламировал ее на форумах для хакеров», отмечено в документе.
На платформе Deer.io пользователи могут размещать интернет-магазины за 800 руб. в месяц, оборот ее клиентов достиг 1,5 млрд руб. (период не уточняется), утверждается на ее сайте.
https://www.kommersant.ru/doc/4283863?from=main_11
***
FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts
10 MAR 20
FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io, a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores.
Kirill V. Firsov was arrested Mar. 7 after arriving at New York’s John F. Kennedy Airport, according to court documents unsealed Monday. Prosecutors with the U.S. District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations.
***
FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime
Feds say Deer.io has been hosting hundreds of online shops where hackers are selling hacked accounts.
Catalin Cimpanu
By Catalin Cimpanu for Zero Day | March 10, 2020 -- 05:50 GMT (22:50 PDT) | Topic: Security
US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property.
Read More
The FBI has arrested a Russian national believed to be behind Deer.io, a Shopify-like platform that hosts online stores where hackers advertise and sell hacked accounts and stolen user information.
The suspect, named Kirill Victorovich Firsov, was arrested on Saturday, March 7, at the John F. Kennedy Airport, in New York, according to an arrest warrant seen by ZDNet.
US officials say Firsov has been in charge and running the Deer.io platform since its launch in October 2013.
The site, which lets users host online stores for around $12/month, is believed to have hosted more than 24,000 shops and made more than $17 million, according to claims posted by Firsov on the Deer.io platform.
***
Authorities shut down xDedic marketplace for buying hacked servers
xDedic provided access to more than 85,000 hacked servers in its heyday.
Catalin Cimpanu
By Catalin Cimpanu for Zero Day | January 28, 2019 -- 18:50 GMT (10:50 PST) | Topic: Security
The FBI, together with authorities from several European countries, have seized the domain and servers of xDedic, a notorious online marketplace where cyber-criminals would sell and buy access to hacked servers. Three suspects were also arrested in Ukraine.
The site has been around since 2014, but it became widely known after a Kaspersky report published in June 2016.
According to the report, the site was operating as a registration-based online marketplace where several criminal groups would either put up for sale or buy hacked servers, usually in the form of compromised RDP (Remote Desktop Protocol) accounts.
At the time, Kaspersky said the site listed nearly 70,000 hacked servers, for prices as little as $8 per server. The xDedic server count later went up to 85,000, while prices bottomed out at $6, according to a Flashpoint report from 2017.
Investigators said xDedic listed servers from all over the globe and included compromised computers on the networks of local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting and law firms, pension funds, and universities
https://www.zdnet.com/article/authorities-shut-down-xdedic-marketplace-for-buying-hacked-servers/
***
Feds arrest Russian accused of running Deer.io, a website that sells stolen data
By Andrew Blake - The Washington Times - Tuesday, March 10, 2020
Kirill Victorovich Firsov, a Russian national accused of running a website dealing in the sale of stolen data, has been arrested in New York, the Department of Justice said Monday.
Mr. Firsov was apprehended Saturday at John F. Kennedy International Airport, federal prosecutors wrote in a filing entered in San Diego federal court.
He stands accused of managing the “Deer.io” site and accordingly enabling the sale of illegal goods and services including hacked and compromised data stolen from companies.
A probable cause statement cited by prosecutors describes Mr. Firsov as a “Russian cyber hacker” and administrator of Deer.io, “a Russian-based cyber platform” that essentially allows criminals to lease digital storefronts to sell their criminal products or services.
“Deer.io virtual stores offer for sale a variety of hacked and/or compromised U.S. and international financial and corporate data, Personally Identifiable Information (PII) and compromised user accounts from many U.S. companies. Individuals can also buy computer files, financial information, PII and usernames and passwords taken from computers infected with malicious software (malware) located both in the U.S. and abroad,” reads the court filing.
https://www.washingtontimes.com/news/2020/mar/10/feds-arrest-russian-accused-of-running-deerio-webs/
***
Like an Etsy for Hackers with Payments Similar to PayPal
By Bruce Sussman
TUE | MAR 10, 2020 | 10:11 AM PDT
One of the coolest things about Etsy.com is that it allows bakers and craft makers from around the world to create their own online store within the platform.
The result is that you can find unique gifts and the creatives behind each store can reach a market they never could have without the eCommerce site.
Now, U.S. officials have revealed details of what sounds like Etsy's evil twin.
Etsy's evil twin, making money for hackers and criminals
The site is called DEER.IO and it allows cybercriminals to create a store on the platform to sell their hacking products and services. Some of it may even be your data.
"DEER.IO started operations as of at least October 2013, and claims to have over 24,000 active shops with sales exceeding $17 million to date."
The U.S. Department of Justice revealed more about the site this week when it charged Kirill Victorovich Firsov with running DEER.IO.
What could you buy on the hacking marketplace?
The new court documents reveal the type of information you can purchase from the website:
"DEER.IO virtual stores offer for sale a variety of hacked and/or compromised U.S. and international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. companies. Individuals can also buy computer files, financial information, PII, and usernames
and passwords taken from computers infected with malicious software (malware) located both in the U.S. and abroad."
The DOJ says FBI agents from San Diego went shopping on the site. The items they purchased reveals how affordable it is to buy stolen data and account information:
"On or about March 4, 2020, the FBI purchased approximately 1,100 gamer accounts from the DEER.IO store ACCOUNTS-MARKET.DEER.IS for under $20 in Bitcoin."
Investigators then confirmed that hundreds of these were legitimate accounts that had been hacked. And then the agents continued to shop:
"On or about March 5, 2020, the FBI purchased approximately 999 individual PII accounts from the DEER.IO store SHIKISHOP.DEER.IS for approximately $170 in Bitcoin. On that same date, the FBI purchased approximately 2,650 individual PII accounts from the DEER.IO store SHIKISHOP.DEER.IS for approximately $522 in Bitcoin. From those identities, the FBI identified names, dates of birth and U.S. Social security numbers for multiple individuals who reside
in San Diego County."
Agents apparently used the site's search feature, which allows you to search for hacked data by company name or geographic location.
You can also buy "hacker-for-hire" services on the platform.
https://www.secureworldexpo.com/industry-news/like-an-etsy-for-hackers-with-payments-like-paypal