U.S. Justice Department Shuts Down Rydox Cybercrime Marketplace

 

The U.S. Justice Department announced on Thursday the successful seizure and dismantling of Rydox, a notorious online marketplace for trafficking stolen personal information and cybercrime tools. In a coordinated operation with international law enforcement agencies, three individuals allegedly responsible for administering the site were arrested.

Since its inception in 2016, Rydox has been linked to over 7,600 illicit sales, generating significant profits by selling sensitive data such as credit card details, login credentials, and personally identifiable information (PII). Authorities reported that the platform offered 321,372 cybercrime products to a user base of more than 18,000 registered buyers, earning over $230,000 in revenue.

The Coordinated Crackdown

This operation involved multiple law enforcement agencies, including:

  • FBI’s Pittsburgh Office
  • Albania’s Special Anti-Corruption Body (SPAK)
  • National Bureau of Investigation (BKH)
  • Kosovo Special Prosecution Office
  • Kosovo Police
  • Royal Malaysian Police

Authorities apprehended two Kosovo nationals, Ardit Kutleshi (26) and Jetmir Kutleshi (28), in Kosovo. Both suspects will be extradited to the Western District of Pennsylvania to face charges including identity theft and money laundering. A third individual, Shpend Sokoli, was arrested in Albania and will face prosecution in his home country.

As part of the operation, law enforcement seized the domain Rydox.cc and its associated servers located in Kuala Lumpur, Malaysia. Additionally, U.S. authorities confiscated approximately $225,000 in cryptocurrency linked to the defendants, effectively dismantling the infrastructure supporting Rydox’s operations.

Global Cooperation in Combating Cybercrime

Eric Olshan, U.S. Attorney for the Western District of Pennsylvania, emphasized the importance of international collaboration in tackling cybercrime networks. “The harms can be devastatingly local,” Olshan stated, underlining how these crimes, though orchestrated globally, impact individuals and communities directly. He reiterated the Justice Department’s commitment to holding cybercriminals accountable.

Rydox has long symbolized the darker side of digital innovation, where stolen data is exploited for illicit profit. By providing a marketplace for cybercrime tools and sensitive information, it enabled thousands of buyers to commit fraudulent activities that affected both individuals and organizations.

Implications of the Takedown

The successful takedown of Rydox marks a significant victory in the fight against global cybercrime. It highlights the importance of multinational efforts in addressing online criminal networks. However, it also serves as a reminder of the persistent threats posed by similar platforms.

The arrests and dismantling of Rydox send a strong message to cybercriminals: no one is beyond the reach of international law enforcement agencies. This operation underscores the commitment of global authorities to combat cybercrime and protect victims from its devastating consequences.

Dark Web Sale Exposes 3.6 Crore Stolen AI Gaming Accounts


The widespread sale of credentials obtained from AI-based gaming platforms and services is a worrying trend in the cyber underworld, as shown by a new analysis by antivirus company Kaspersky. An astounding 3.6 crore credentials, including login and password information, have been stolen and sold on the dark web in the last three years. The increase in demand for online gaming and artificial intelligence (AI) services has unintentionally encouraged hackers to develop specialized malware known as infostealers to obtain user data.

Surge of infostealers: Threat to online security

Hackers aiming to take advantage of the growing demand for AI-driven services and online gaming platforms have turned to infostealers, a kind of malware that covertly steals user login credentials. These harmful applications use phishing attacks and other deceptive tactics, among other methods, to infect devices, both personal and corporate.

Kaspersky reports that the majority of leaked credentials come from the popular gaming site Roblox, where almost 3.4 crore user accounts have been exposed due to malware-related data breaches. The research also reveals an astounding 33-fold rise in credentials that have been taken from OpenAI users, amounting to 6.64 lakh records, some of which are connected to ChatGPT, a popular chatbot service.

AI services under threat

The range of hacked AI services, which includes chatbots, voice generators, picture editing, and translation, highlights how widespread the problem is. The head of Kaspersky Digital Footprint Intelligence, Yuliya Novikova, emphasizes how important it is to have strong cybersecurity safeguards in place to thwart infostealer attacks and prevent the unauthorized use of user credentials.

Online precautions a must against cyber threats

One of the biggest challenges to online security is the continued demand for stolen credentials, especially those related to artificial intelligence applications. The research notes that when ChatGPT's fourth version was released in March 2023, there was a noticeable increase in the attention of cybercriminals towards these accounts. The continued demand for credentials related to artificial intelligence, even after things have stabilized, highlights the persistent appeal of these accounts to bad actors looking to profit from the mass use of these services.

It is crucial that people and organizations strengthen their defenses against infostealer attacks in light of these advancements. Proactive measures, such as strong security protocols and constant attention, are essential to reducing the risks posed by hostile actors operating in the shadows of the dark web as cyber threats continue to adapt and multiply.


STYX Marketplace: An Emerging Platform Aiding Financial Crimes


STYX, a new dark web marketplace that was launched earlier this year, seems to be on the right track for turning into a booming hub for purchasing and selling illicit services or stolen data.

The platform provided services facilitating financial crime, such as money laundering, identity theft, distributed denial-of-service (DDoS), bypassing two-factor authentication (2FA), fake or stolen IDs and other personal data, renting malware, using cash-out services, email and telephone flooding, identity lookup, and much more.

The marketplace was officially launched on January 19. However, analysts at Resecurity, a threat intelligence company, claim to have sighted mentions of STYX on the dark web since early 2022, when the founders were still creating the escrow module.

Apparently, STYX accepts payments using a variety of cryptocurrencies and has a dedicated section for approved vendors, in an effort to gain trust in the platform. 

All Things Financial-crime

Following the discovery of the notorious platform, it was further noted that STYX was involved in the post-pandemic menace of cyber-enabled financial crime. Adding to this is the threat it poses to financial institutions and their customers.

STYX was discovered at the same time as Resecurity financial crime risk analysts noticed a sharp rise in threat actors providing services for money laundering that target cryptocurrencies and digital banking accounts. 

Resecurity’s research also identifies some of the cybercrime tactics most used by threat actors, namely cybercriminal cash-outs and the use of virtual credit cards (VCCs) and illicitly operated NFC merchant terminals to aid in cybercrime activities.

Moreover, the investigation led to the discovery of 100 mule accounts. The firm then shared these accounts with the victims, allowing them to speedily identify money mule rings and other linked criminal organizations that were previously undetected.

“Resecurity also identified a group of trending cash-out vendors that charge commissions based on the exact BIN of the card and brand of gift card,” the researchers stated in a report. 

Apparently, STYX accommodates a great number of cash-out shops across the world that offer “clean” funds via Apple Pay, PayPal business accounts with merchant terminals, and other financial institutions in the U.S., U.K., and Canada.

The emergence of STYX as a new platform for financially motivated cybercriminals demonstrates the continued profitability of the black market for services. 

To reduce the effectiveness of the services offered in these criminal markets, digital banks, online payment platforms, and e-commerce systems must accept the challenge and improve their KYC checks and fraud defenses.