Sandu Diaconu [4] [5] [6] [8] [9], a man from Moldova [4], has been extradited from the UK to the US to face charges related to his operation of the E-Root marketplace [4].
Description
Diaconu has been charged with various crimes [5] [9], including conspiracy to commit access device and computer fraud [9], wire fraud conspiracy [5] [9], money laundering conspiracy [5] [6] [8] [9], access device fraud [4] [5] [6] [8] [9], and computer fraud [4] [5] [6] [8] [9]. The marketplace, known as E-Root, operated across a distributed network and took measures to conceal the identities of its administrators [1] [2] [3] [7], buyers [1] [2] [3] [5] [6] [7] [8] [9], and sellers [1] [2] [3] [5] [7] [9]. It provided filtered search tools for buyers to navigate offerings [6] [8], allowing them to search for compromised computer credentials based on specific criteria such as price [3] [7], location [1] [2] [3] [7], internet service provider [2] [3], and operating system [2] [3] [7] [8]. Payments on the marketplace were made using Bitcoin and Perfect Money, and it also operated a cryptocurrency exchange service [6]. Authorities estimate that over 350,000 compromised computer credentials were listed for sale on the marketplace [1] [2] [3] [7], affecting victims from various industries and locations [7]. In 2020 [4] [5] [9], international law enforcement authorities coordinated an operation to take down the E-Root marketplace. Many victims [1] [3] [4] [5] [9], including a government agency in Tampa [5], Florida [5], experienced ransomware attacks and stolen identity tax schemes [1] [3] [5]. Diaconu’s arrest in the UK in May 2021 led to his extradition to the US in September 2023 [9]. The US authorities are seeking forfeiture of criminal proceeds from Diaconu’s illegal activities [6]. Diaconu has not yet entered a plea for the charges.
Conclusion
The operation of the E-Root marketplace by Sandu Diaconu had significant consequences, with numerous victims falling prey to ransomware attacks and stolen identity tax schemes. The coordinated efforts of international law enforcement authorities resulted in the marketplace being taken down in 2020. However, the impact of this criminal activity is far-reaching, affecting victims from various industries and locations [7]. The extradition of Diaconu to the US demonstrates the commitment of authorities to hold individuals accountable for their involvement in cybercrime. The pursuit of forfeiture of criminal proceeds sends a strong message that illegal activities will not go unpunished. This case serves as a reminder of the ongoing need for vigilance and collaboration in combating cybercrime and protecting individuals and organizations from its detrimental effects.
References
[1] https://www.flashpoint.io/blog/usa-vs-sandu-boris-diaconu/
[2] https://www.cyberkendra.com/2023/10/e-root-marketplace-administrator-faces.html
[3] https://www.irs.gov/compliance/criminal-investigation/moldovan-charged-arrested-and-extradited-for-administration-of-site-involved-in-the-illicit-sale-of-compromised-computer-credentials
[4] https://www.hackread.com/e-root-marketplace-admin-extradited-us-fraud/
[5] https://www.infosecurity-magazine.com/news/us-charge-man-stolen-credentials/
[6] https://www.redpacketsecurity.com/e-root-admin-faces-years-for-selling-stolen-rdp-ssh-accounts/
[7] https://www.justice.gov/usao-mdfl/pr/moldovan-charged-arrested-and-extradited-administration-site-involved-illicit-sale?s=08
[8] https://cyber.vumetric.com/security-news/2023/10/19/e-root-admin-faces-20-years-for-selling-stolen-rdp-ssh-accounts/
[9] https://flyytech.com/2023/10/19/us-charge-man-with-running-stolen-credentials-marketplace/
