The U.S. Department of Justice declared a significant breakthrough on Friday, officially concluding its extensive investigation into the notorious xDedic dark web marketplace. The operation resulted in the dismantling of a sophisticated multinational criminal network, leading to charges against 19 individuals involved in various capacities, including administrators, site developers, buyers, and customer service representatives.
Illegal Operations and Impact
Before its shutdown by authorities in 2019, xDedic Marketplace gained notoriety for illicitly trading login credentials to servers and the personal information of U.S. residents, encompassing Social Security numbers and birthdates. Shockingly, the site listed over 700,000 compromised servers for sale, impacting at least 150,000 in the United States and approximately 8,000 in Florida alone, as revealed by U.S. Attorney Roger B. Handberg of the Middle District of Florida during the Friday announcement.
Investigation and Charges
In the aftermath of the January 2019 takedown, the U.S. attorney’s office meticulously investigated and charged individuals across all levels of xDedic’s operations. This included administrators, server sellers, and buyers, reflecting the comprehensive nature of the international probe.
- Administrators Alexandru Habasescu and Pavlo Kharmanskyi were sentenced to 41 and 30 months in prison, respectively.
- Dariy Pankov, a top Russian seller on xDedic, was sentenced to 60 months in federal prison for listing over 35,000 compromised servers.
- Nigerian national Allen Levinson, a prolific buyer, received a 78-month sentence for targeting U.S.-based certified public accounting firms in a tax fraud scheme.
The charges ranged from conspiracy to commit wire fraud to access device or computer fraud, emphasizing the diverse criminal activities associated with the xDedic marketplace.
The January 2019 takedown had international implications due to xDedic’s distributed infrastructure. Since then, the U.S. Department of Justice collaborated with law enforcement agencies in Belgium, Ukraine, Europol, the Dutch National Police, and the German Bundeskriminalamt for the extradition and trial of suspects.
FBI, IRS, and International Collaboration
The FBI, IRS, DOJ, and the Department of Homeland Security spearheaded the investigation, highlighting the broad international cooperation that played a crucial role in its success.
“This investigation also benefited greatly from cooperation with foreign law enforcement in Belgium, Georgia, Germany, Poland, Spain, the United Kingdom, Romania, Switzerland, Estonia, Latvia, Bulgaria, Ukraine, Lithuania, and Moldova,” Handberg stated.
- What was xDedic known for?
xDedic was infamous for illegally selling login credentials to servers and personal information, including Social Security numbers and birthdates.
- How many servers were listed on xDedic?
The site listed over 700,000 compromised servers for sale, impacting at least 150,000 in the United States.
- Which agencies led the investigation?
The FBI, IRS, DOJ, and Department of Homeland Security led the investigation, with extensive international cooperation.