
Russian serial credentials seller gets 40 months in jail

A Russian national is taking a trip to prison in the US after being found guilty of peddling stolen credentials on a popular dark web marketplace.

Hailing from Moscow, 27-year-old Georgy Kavzharadze sold his stolen wares between July 2016 and May 2021 on the Slilpp marketplace, which was taken down in 2021 following a coordinated effort from international law enforcement agencies.

He was arrested and then extradited just under a year later in May 2022, and has been detained since then. The US justice system did not state which country he was extradited from, but it clearly wasn't Russia.

That takedown led to the discovery of information about vendors on the site, of which Kavzharadze was one, including transactions and payment information. Another country also handed US authorities wiretap data that identified site users' login credentials and IP addresses. Kavzharadze was arrested the following year.

According to the original indictment [PDF], the credentials sold by Kavzharadze included those for five different banks and went on to be abused in fraudulent transactions exceeding $5 million in value.

This sum has since been reduced to $1.2 million, the entirety of which he has been ordered to pay back as restitution.

The Russian sold more than 297,300 credentials on Slilpp and listed more than 626,000 over the course of his five-year tenure on the site, which also included running themed discount events such as Cyber Monday sales. Feds said "related PII" was sold alongside the logins for "online payment accounts, bank accounts, and other accounts." The people who purchased those login credentials then used them to steal money from victim accounts.

Feds were able to confidently link more than $200,000 worth of Bitcoin withdrawals to Kavzharadze from the Slilpp site between 2016 and 2018 – a sum worth more than $450,000 at today's exchange rate.

The Slilpp takedown in 2021 was big news. It had been operating for nearly a decade by that point, and authorities said more than 80 million credentials were sold during that time, racking up estimated damages to the tune of more than $200 million.

"The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims," said then-acting assistant attorney general Nicholas L McQuaid of the Justice Department's Criminal Division at the time. 

"The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces wherever they are located."

Credentials for more than 1,400 different account providers were listed during Slilpp's time, and authorities likened it to Amazon and eBay for selling credentials.

Source: theregister.com
