Cyber Security

FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals

Sep 07, 2024Ravie LakshmananCybercrime / Dark Web

Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information.

Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged with conspiracy to commit access device fraud and conspiracy to commit wire fraud.

Khodyrev and Kublitskii, between 2014 and 2024, acted as the main administrators of WWH Club (wwh-club[.]ws) and various other sister sites – wwh-club[.]net, center-club[.]pw, opencard[.]pw, skynetzone[.]org – that functioned as dark web marketplaces, forums, and training centers to enable cybercrime.

Cybersecurity

The indictment follows an investigation launched by the U.S. Federal Bureau of Investigation (FBI) in July 2020 after determining that WWH Club’s primary domain (www-club[.]ws] resolved to an IP address belonging to DigitalOcean, allowing them to issue a federal search warrant to the infrastructure company.

“WWH Club and sister site members used the marketplaces to buy and sell stolen personal identifying information (PII), credit card and bank account information, and computer passwords, among other sensitive information,” the U.S. Department of Justice (DoJ) said.

The forums, on the other hand, acted as a hotspot for discussions on best practices for committing fraud, launching cyber attacks, and evading law enforcement.

Furthermore, the darknet marketplace offered online courses for aspiring and active cyber criminals on how to conduct frauds. The advertised cost of the course ranged from 10,000 rubles to 60,000 rubles (about $110 to $664 as of September 7, 2024) and an additional $200 for training materials.

Court documents show that undercover FBI agents signed up for the site and attended a training course offered by the platform by paying approximately $1,000 in bitcoin that included topics such as the sale of sensitive information, DDoS and hacking services, credit card skimmers, and brute-force programs.

“The training was conducted through a chat function on the forum to a class of approximately 50 students; the various instructors provided training in text format rather than audible instruction,” the criminal complaint reads. “It was apparent the purpose of the training was to educate individuals on how to obtain and use stolen credit card data and PII to generate fraudulent proceeds.”

WWH Club is estimated to have had 353,000 users worldwide as of March 2023, up from 170,000 registered users in July 2020. Both Khodyrev and Kublitskii are believed to have profited from the membership fees, tuition fees, and advertising revenue.

Flashpoint, in a report published last month, said WWH-Club remains operational despite the law enforcement effort, and that “its other administrators are attempting to distance themselves from Kublitskii and Khodyrev.”

Cybersecurity

Khodyrev and Kublitskii “had been living in Miami for the past two years, while secretly continuing to administer WWH Club and its sister dark web marketplaces, forums, and schools,” the DoJ said.

If convicted on all counts, they could each face up to 20 years in federal prison. The indictment also requires Khodyrev to forfeit his 2023 Mercedes-Benz G63 AMG sport utility vehicle and Kublitskii’s 2020 Cadillac CT5 Sport sedan, which are said to have been purchased using proceeds from their criminal enterprise.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Articles You May Like

Earth’s Crust is ‘Dripping’ Beneath Turkey’s Konya Basin, Revealing Unique Geological Phenomenon
How to See Rare Comet C/2023 A3 Over Bengaluru in October 2024?
Amazon Great Indian Festival 2024 Sale: Best Deals on Premium Soundbars
iPhone 16 Pro Max Bill of Materials is 7 Percent Higher Than iPhone 15 Pro Max: Report
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking