19 Charged in Global Operation Against xDedic Darkweb Marketplace

Estimated read time 3 min read

The U.S. Department of Justice has unveiled the conclusion of a multinational inquiry into the dark web’s xDedic cybercrime marketplace, indicting 19 individuals for their roles in operating and utilizing the platform’s services.

A collaborative effort involving law enforcement agencies from the United States, Belgium, Ukraine, Germany, and the Netherlands, with support from Europol and Eurojust, resulted in the confiscation of xDedic’s domains and infrastructure in January 2019.

At the time of its dismantling, law enforcement approximated that illicit activities facilitated through the xDedic cybercrime market amounted to over $68 million.

Prior to its closure, xDedic’s administrators maintained servers globally, utilizing cryptocurrency payments to obfuscate server locations and the identities of buyers, sellers, and administrators.

xDedic permitted users to purchase compromised server credentials worldwide, including personally identifiable information (PII) of U.S. residents.

The Justice Department disclosed, “In total, xDedic offered more than 700,000 compromised servers for sale, including at least 150,000 in the United States and at least 8,000 in Florida.”

The victims, whose information was auctioned on the platform, hailed from diverse industries and locations worldwide, encompassing local, state, and federal government entities, hospitals, universities, metropolitan transport authorities, accounting and law firms, and pension funds. xDedic ‘s marketplace administrators already serving time.

Two xDedic administrators, Moldovan Alexandru Habasescu and Ukrainian Pavlo Kharmanskyi, received sentences of 41 and 30 months in prison, respectively, following their arrests in the Spanish Canary Islands in 2022 and at the Miami International Airport in 2019.

Habasescu, also the lead developer and technical mastermind, while Kharmanskyi handled admin payments, buyer support, and promoted the cybercrime website.

A screenshot of xDedic’s website

One of the marketplace’s top sellers, Dariy Pankov, a Russian national, was responsible for listing credentials of more than 35,000 compromised servers globally, amassing over $350,000 in illegal proceeds.

“Nigerian national Allen Levinson, a prolific buyer on the marketplace, had a keen interest in acquiring access to U.S.-based Certified Public Accounting firms.”

He utilized the acquired information to file hundreds of false tax returns with the United States government, attempting to secure over $60 million in fraudulent tax refunds. Levinson was sentenced to 78 months in federal prison after being apprehended in the United Kingdom and extradited to the United States in 2020.

In the previous year, law enforcement not only seized the Genesis stolen credentials market but also arrested 288 dark web drug vendors and buyers in an international operation codenamed Spector.

In June, the FBI took control of the BreachForums hacking forum, following the arrest of its owner, Connor Brian Fitzpatrick (aka Pompompurin), in March.

Lastly, in December, an international police operation led by Interpol resulted in the arrests of 3,500 cybercriminals and the confiscation of $300 million, while German police seized Kingdom Market, a dark web marketplace dealing with cybercrime tools, drugs, and counterfeit government IDs.

Mohamed Nabil Ali

A Trailblazing IT Expert, Technology Geek, and Bughunter.
Follow me on Twitter

You May Also Like

More From Author

+ There are no comments

Add yours