A top Russian-based stolen accounts broker deer.io was taken down by the FBI on Tuesday (March 24th) with its suspected operator — security researcher Kiril Victorovich Firsov — arrested by FBI agents on March 7 in NYC upon arriving at New York’s John F. Kennedy Airport.
Firsov was charged with crimes related to the hacking of US companies in harvesting corporate and financial data, customers’ personal information and user accounts.
According to a federal complaint, deer.io virtual stores offered for sale a variety of hacked or compromised US and international sensitive (financial, corporate, etc.) data and user accounts from many different companies, mostly based in the US.
Picks for you
Individuals could also buy computer files and entire databases as well as data harvested from malware-infected computers both within the territory of the US and abroad.
$17 million worth data heist
The indictment against Firsov claims deer.io to be responsible for $17 million worth of stolen credential and personal data sales since the marketplace launched its operations in October 2013. Firsov is next scheduled to appear on April 16, 2020, before U.S. Magistrate Judge Allison H. Goddard.
“There is a robust underground market for hacked stolen information, and this was a novel way to try to market it to criminals hoping not to get caught,” said U.S. Attorney Robert Brewer. “Hackers are a threat to our economy, and our privacy and national security, and cannot be tolerated.”
FBI Special Agent in Charge Omer Meisel stated, that Deer.io was the largest centralized platform, which promoted and facilitated the sale of compromised social media and financial accounts, personally identifiable information (PII) and hacked computers on the internet.
According to Meisel, the seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad.
The FBI informs, that it will continue to be at the forefront of protecting Americans from foreign and domestic cybercriminals.