Ukrainian cyber criminal extradited for decrypting the credentials of thousands of computers across the world and selling them on a dark web website

 

Avi: Kontni Istorik


Sa a se yon dokiman achiv oswa istorik e li ka pa reprezante lwa, règleman oswa pwosedi aktyèl yo.

Date: September 8, 2021

Contact: newsroom@ci.irs.gov

Tampa, FL — Acting United States Attorney Karin Hoppmann announces the extradition of Glib Oleksandr Ivanov-Tolpintsev (Chernivtsi, Ukraine) in connection with charges of conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords. If convicted on all counts, he faces a maximum penalty of 17 years in federal prison. The indictment also notifies Ivanov-Tolpintsev that the United States intends to forfeit $82,648, which is alleged to be traceable to proceeds of the offenses.

Ivanov-Tolpintsev was taken into custody by Polish authorities in Korczowa, Poland, on October 3, 2020, and extradited to the United States pursuant to the extradition treaty between the United States and the Republic of Poland. Ivanov-Tolpintsev was presented on September 7, 2021, before United States Magistrate Julie S. Sneed, and ordered detained pending trial.

According to the indictment, Ivanov-Tolpintsev controlled a "botnet," which is a network of computers infected with malware and controlled as a group without the owners' knowledge. He used the botnet to conduct brute-force attacks designed to decrypt numerous computer login credentials simultaneously. During the course of the conspiracy, Ivanov-Tolpintsev stated that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week. Ivanov-Tolpintsev then sold these login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers. Once sold on this website, credentials were used to facilitate a wide range of illegal activity, including tax fraud and ransomware attacks.

An indictment is merely a formal charge that a defendant has committed one or more violations of federal criminal law, and every defendant is presumed innocent unless, and until, proven guilty.

The investigation was led by the Tampa Division of the Federal Bureau of Investigation, the Internal Revenue Service—Criminal Investigation's Tampa Field Office, and Homeland Security Investigations - Tampa Division. Substantial assistance was provided by the Department of Justice's Office of International Affairs and the Internal Revenue Service—Criminal Investigation Cyber Crimes Unit in Washington, D.C. This investigation also benefited from foreign law enforcement cooperation by the Polish National Police, the Polish Prosecutor's Office, and the Polish Ministry of Justice. It will be prosecuted by Assistant United States Attorney Carlton C. Gammons.