Russian national sentenced to 40 months for selling stolen data on the dark web
August 16, 2024
A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace.
The 27-year-old Russian national
Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on the dark web marketplace, Slilpp.In June 2021, the US Department of Justice announced the seizure of the infrastructure of SlilPP. The seizure is the result of a multinational operation involving law enforcement agencies in the United States, Germany, the Netherlands, and Romania.
The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.
According to the DOJ, more than 80 million login credentials from more than 1,400 companies were sold through the SlilPP portal.
Kavzharadze pleaded guilty to conspiracy to commit bank and wire fraud on February 16, 2024. The Russian man was sentenced to 40 months in prison and ordered to pay $1,233,521.47 in restitution.
Between July 2016 and May 2021, Kavzharadze listed over 626,100 stolen login credentials on Slilpp and sold more than 297,300 of them. These credentials were linked to $1.2 million in fraudulent transactions.
“According to court documents, between July 2016 and May 2021, Kavzharadze, using the name “TeRorPP,” listed over 626,100 stolen login credentials for sale on Slilpp and sold more than 297,300 of them on the illegal marketplace. Those credentials were subsequently linked to $1.2 million in fraudulent transactions. On May 27, 2021, Kavzharadze’s account on Slilpp listed 240,495 login credentials for sale that would allow the buyer to use the information to steal money from the victim’s online payment and bank accounts.” reads the press release published by DoJ. “The credentials included access to accounts with banks located in New York, California, Nevada, and Georgia. Kavzharadze accepted Bitcoin as payment for the credentials. An FBI analysis connected Kavzharadze to withdrawals of more $200,000 in Slilpp profits from his Bitcoin account.”
Prosecutors believe that the man has made at least $200,000 in illegal profits from the sale of stolen credentials.
On August 24, 2021, Kavzharadze was charged with multiple crimes, including conspiracy to commit bank and wire fraud, and was later extradited to the U.S. He made his initial court appearance on May 18, 2022, and has been detained since his extradition.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Russian national Georgy Kavzharadze)