The US Department of Justice (DoJ) has arrested a Ukrainian citizen for using a botnet to hack people's passwords. He was caught by his alleged messages to vape shops in Ukraine, including an invoice with his home location.
Glib Oleksandr Ivanov-Tolpintsev is accused by the Department of Justice of deploying a botnet to break passwords of targeted individuals, which he subsequently sold on the dark web. According to his indictment, Ivanov-Tolpintsev made over $80,000 from the operation.
The press release from the DoJ reads, “During the course of the conspiracy, Ivanov-Tolpintsev stated that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week...Once sold [on the dark web], credentials were used to facilitate a wide range of illegal activity, including tax fraud and ransomware attacks.”
On October 3, 2020, Polish police arrested Ivanov-Tolpintsev in Korczowa, Poland, and he was extradited to the United States to stand prosecution for these offenses.
According to an IRS affidavit, investigators tracked down Ivanov-Tolpintsev by looking at the contents of the Gmail accounts he used to conduct his dark web activities.
Many digital receipts from online vape shops were sent to one of these accounts, revealing Ivanov Tolpintsev's name and contact information.
Furthermore, Ivanov-normal Tolpintsev's email account was set as the recovery address for these accounts. Exploring the contents of his regular account showed a plethora of personally identifying information, including passport scans and Google Photos photos.
The government was able to assemble enough evidence to convince a court to order Ivanov Tolpintsev's arrest and extradition because of his carelessness in separating his criminal digital identity from his physical one.
Although the investigators haven't revealed much about Ivanov Tolpintsev's botnet case but the case highlights the dangers of depending solely on a password to protect an account.
Since breaking and auctioning passwords on the dark web may lead to significant attacks like the one on the United Nations, security experts have been urging to implement multi-factor authentication (MFA) systems.