Botnet operator had thousands of hacked credential listings, according to the DoJ

Ukrainian hacker sentenced for selling account credentials on the dark web

A Ukrainian hacker has been sentenced to four years behind bars for selling stolen credentials online.

On Thursday (May 12), the US Department of Justice (DoJ) said that Glib Oleksandr Ivanov-Tolpintsev, from Chernivtsi, Ukraine, was sentenced to time in federal prison for operating a botnet designed to brute-force attack servers.

DON’T MISS Marcus Hutchins on halting WannaCry – ‘Still to this day it feels like it was all a weird dream’

Botnets are slave networks made up of compromised computers and other devices. Operators can direct these networks to slam online services with traffic, known as distributed denial-of-service (DDoS) attacks.

Furthermore, botnets can be commanded to attempt to crack credentials by automatically applying trial-and-error username and password combinations.

Rogue operation

According to the DoJ filing, Ivanov-Tolpintsev’s botnet was used to “decrypt numerous computer login credentials simultaneously”. At its peak, roughly 2,000 machines were targeted and compromised each week.

From 2017 to 2019, the cyber-attacker operated a store on the dark web and sold hacked credentials in their thousands. Businesses in Florida owned at least 100 servers listed by the 28-year-old.

Read about more of the latest cyber-attacks

The scheme was profitable – at least, until he was caught – and prosecutors estimate that the dark web store turned over a minimum of $82,648.

Ivanov-Tolpintsev was tracked to Korczowa, Poland, and was arrested by local law enforcement on October 3, 2020. He was then extradited to the US and pleaded guilty to conspiring to traffic in unauthorized access devices and computer passwords.

As part of his sentence, Ivanov-Tolpintsev must also forfeit his cybercrime proceeds.

The case was investigated by the IRS and the Tampa Division of the FBI.

YOU MIGHT ALSO LIKE Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit