Russian arrested for allegedly running online platform trading in stolen Info
SAN DIEGO (KUSI) – A suspected Russian hacker who allegedly ran an online platform where hackers could buy and sell stolen personal information has been arrested and is slated to be extradited to San Diego, the U.S. Attorney’s Office said Tuesday.
Prosecutors say Kirill Victorovich Firsov, 28, was the administrator for the DEER.IO platform, which provided hackers with access to virtual stores where they could buy or sell hacked and/or compromised financial corporate data, personally identifiable information and compromised user accounts. Hackers also allegedly used DEER.IO to advertise their services.
DEER.IO has been operating since at least 2013, and provided users with a storefront for 800 rubles — or about $12.50 — per month, according to prosecutors. The platform was advertised as having more than 24,000 active shops, with sales exceeding $17 million.
Prosecutors say law enforcement was unable to find a single legitimate business advertising its services or products on DEER.IO.
FBI agents arrested Firsov on March 7 in New York City. He is charged with unauthorized solicitation of access devices and is slated to appear in San Diego federal court on April 16.
The DEER.IO platform has since been shut down, the U.S. Attorney’s Office said.
“There is a robust underground market for hacked stolen information, and this was a novel way to try to market it to criminals hoping not to get caught,” U.S. Attorney Robert Brewer said. “Hackers are a threat to our economy, and our privacy and national security, and cannot be tolerated.”
According to a criminal complaint, the FBI purchased around 1,100 gamer accounts on March 4 from a DEER.IO store for under $20 in Bitcoin, with 249 of the accounts stolen from an unidentified San Diego company that “operates interactive video gaming platforms, and sells related products and services.”
The following day, the FBI purchased more than 3,500 personally identifiable information accounts from a DEER.IO store for around $700 in Bitcoin, providing them with the names, dates of birth and U.S. Social Security numbers for multiple San Diego County residents.
“DEER.IO was the largest centralized platform, which promoted and facilitated the sale of compromised social media and financial accounts, personally identifiable information and hacked computers on the internet,” FBI Special Agent in Charge Omer Meisel said. “The seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad.”