Ukrainian extradited to US for allegedly selling computer credentials: DOJ

The Department of Justice (DOJ) announced Wednesday that a Ukrainian hacker was extradited to the U.S. for allegedly selling computer passwords on the dark web.

Glib Oleksandr Ivanov-Tolpintsev, 28, was extradited to the U.S. for charges related to “conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords,” the DOJ said, according to a release.

Ivanov-Tolpintsev was presented before U.S. Magistrate Judge Julie Sneed on Tuesday.

Ivanov-Tolpintsev was first taken into custody last year by authorities in Korczowa, Poland, before his extradition. 

If convicted, he faces up to 17 years in federal prison. Sneed ordered the Ukrainian man to remain in prison pending his trial.

According to the DOJ, Ivanov-Tolpintsev and two other alleged conspirators operated a false e-commerce storefront through which they sold login credentials for computers around the world. This information was then allegedly used to facilitate a multitude of crimes including tax fraud and ransomware attacks.

Prosecutors estimate that Ivanov-Tolpintsev began this operation earlier than or around May 2016 in the Middle District of Florida and elsewhere. He carried out the thefts by creating a “botnet,” a network of computers that have been infected with malware without the knowledge of the system’s owners.

“During the course of the conspiracy, Ivanov-Tolpintsev stated that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week. Ivanov-Tolpintsev then sold these login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers,” the DOJ said.

Cybersecurity attacks have been on the rise in recent years, and in particular, during the pandemic. Cybersecurity firm Group-IB reported that ransomware attacks increased by 150 percent in 2020.

Earlier this year in June, Ukrainian authorities said they had uncovered a group of six hackers who engaged in ransomware attacks on computers from South Korea to the U.S., with damages reaching $500 million.

The hackers reportedly attacked three American institutions: Stanford University Medical School, the University of Maryland and the University of California.