Up to 19 individuals have been charged following an investigation into the xDedic marketplace, U.S. Attorney Roger B. Handberg said on Thursday. The 19 people charged were the admins of xDedic and buyers and sellers who used the site.
The now-defunct xDedic marketplace — taken down in 2019 — was used to sell stolen credentials for servers around the world, as well as stolen personal data, like the dates of birth and Social Security numbers of U.S. residents. The servers sold on xDedic were used to facilitate criminal schemes like tax fraud and ransomware attacks.
“Marketplace victims spanned the globe and industries, including local, state, and federal government infrastructure, hospitals, 911 and emergency services, call centers, major metropolitan transit authorities, accounting and law firms, pension funds, and universities,” a press release from the U.S. Attorney’s Office said.
‘xDedic’ Marketplace Was Used to Sell Credentials for Over 700,000 Servers
In total, xDedic was used to sell access to 700,000 compromised servers, including at least 150,000 in the U.S. and 8,000 in Florida.
“The xDedic administrators practiced exceptional operational security, operating the website across a widely distributed international network, and utilizing cryptocurrency in order to hide the locations of the Marketplace’s underlying servers and the identities of its administrators, sellers, and buyers,” the press release said.
xDedic is just one of several dark web markets that have been shut down. Over the past few years, law enforcement has taken down many other major dark web markets, including Hydra, Genesis, DarkMarket, and PIILOPUOTI.
As a result of this crackdown, cybercriminals are shifting to anonymous messaging services such as Telegram.
19 Individuals Charged
Among the people charged was Alexandru Habasescu, the lead developer and “technical mastermind” of the marketplace, who was sentenced to 41 months in prison. A co-administrator from Ukraine — who advertised services and provided customer support, among other things — was sentenced to 30 months.
Russian national Dariy Pankov, one of the top sellers on xDedic, was sentenced to 60 months for selling over 35,000 server credentials and earning over $350,000.
“Pankov’s criminal activities were facilitated by a powerful malicious software program he developed named “NLBrute,” that was capable of compromising protected computers by decrypting login credentials,” the press release said.
Furthermore, Nigerian buyer Allen Levinson, described as a “prolific buyer” on xDedic who targeted U.S.-based public accounting firms and requested over $60 million in fraudulent tax refunds, was sentenced to 78 months in prison.
U.S. law enforcement collaborated with law enforcement agencies in Ukraine and Belgium, the National High Tech Crime Unit from the Dutch National Police, the German Bundeskriminalamt, and Europol to takedown xDedic.
Safeguarding Your Data From Cybercriminals
It’s important to practice proper cyber hygiene and take steps to safeguard your data from cybercriminals. We recommend using strong passwords on all your accounts, enabling multi-factor authentication (or passkeys if possible), and using a reliable virtual private network (VPN) service and a top-rated antivirus solution. Also, desist from sharing sensitive personal information on social media, as threat actors can use these details to target you.
For more cybersecurity tips, check out our guide to staying safe online.
For more news, follow us on X (Twitter), Threads, and Mastodon!
