The U.S. Department of Justice (DoJ) has been actively working to combat cybercrime. On Thursday, they announced the shutdown of the illicit marketplace Rydox, which was selling stolen personal information and other tools for cybercrime. This operation led to the arrest of three Kosovo nationals and administrators of the service. Ardit Kutleshi and Jetmir Kutleshi are expected to be extradited to the U.S., while Shpend Sokoli, who was apprehended in Albania, will be charged and prosecuted there.

Details of the Rydox Marketplace

The Rydox marketplace has been quite active. It has conducted over 7,600 sales of personally identifiable information (PII), stolen access devices, and cybercrime tools, generating at least $230,000 in revenue since its inception in or around February 2016. This includes credit card information and login credentials stolen from thousands of U.S. victims. It also advertised as many as 321,372 cybercrime products to over 18,000 users.Users had to register for an account and deposit cryptocurrency into it. Rydox charged registered users a one-time fee ranging from $200 to $500 to become authorized sellers. These sellers received 60% of each sale, with Rydox keeping the rest. An undercover FBI source registered an account, deposited $300 in cryptocurrency, and purchased about 40 "full" packages containing victims' personal and financial information.In coordination with the actions, the FBI and Royal Malaysian Police confiscated servers in Kuala Lumpur to take the site offline. Additionally, cryptocurrency worth approximately $225,000 was seized from the defendants' accounts. Albanian authorities also seized one computer unit, six laptops, five mobile phones, and other storage devices and documents related to Sokoli's arrest.Ardit Kutleshi and Jetmir Kutleshi have been charged with two counts of identity theft, one count of conspiracy to commit identity theft, one count of aggravated identity theft, one count of access device fraud, and one count of money laundering. If convicted, they face a maximum penalty of 37 years in prison.

Nigerian National Extradited for BEC Scheme

The DoJ also announced the extradition of Abiola Kayode, a 37-year-old Nigerian, for his alleged participation in a business email compromise (BEC) scheme from 2015 to 2016. His co-conspirators posed as company executives and directed employees to complete wire transfers. Kayode provided bank account information to the co-conspirators, which belonged to victims of internet romance scams.In late October 2024, one of Kayode's co-conspirators was sentenced to nearly four years in prison. Last week, another 39-year-old Nigerian citizen was sentenced to eight years in prison for operating a BEC scheme across several countries, including the U.S.

Spain Busts Vishing Ring

A joint operation by Spanish and Peruvian officials disrupted a phishing ring that defrauded over 10,000 bank customers. A total of 83 people, including the e-crime group's leader, were arrested. The individuals were linked to a call center-based vishing scam from Peru, where thousands of calls were made daily, masquerading as bank employees and tricking users into providing verification codes.The codes were then passed on to members in Spain, who used them to withdraw cash from ATMs. The fraudulent scheme is estimated to have made over €3,000,000 ($3.15 million) in illegal profits. Once they had the money, they appropriated a percentage ranging from 20 to 30% and transferred the rest to the organization in Peru through dedicated cash-sending companies.

Russia's FSB Detains Cybercriminal Group

Russia's Federal Security Service (FSB) detained 11 managers and employees operating a network of call centers that conducted large-scale financial fraud, netting $1 million in illegal profits per day. The "call centers" were part of an international organized criminal group that committed mass fraud against citizens of the EU, UK, Canada, Brazil, India, Japan, etc. About 100,000 people in more than 50 countries became victims of their illegal activities.The agency claimed that the network operated in the interests of Davit Kezerashvili, the former Minister of Defense of Georgia and founder of the Milton Group, who is currently hiding in London. In April 2023, BBC published an investigation (now taken down) into the Milton Group. Kezerashvili has rejected the accusations, stating he has nothing to do with the group. However, in early September 2024, the Prosecutor's Office of Georgia said that more than $1 million in illicit proceeds from the call center scams flowed into his bank accounts and those of his family members.Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.