Introduction
A Michigan resident, Andrew Shenkosky [1] [2] [3] [4] [5] [6], has been indicted on several charges related to cybercrime activities, including wire fraud and identity theft [1] [4] [5]. The charges are linked to his alleged involvement in purchasing and using stolen login credentials from a dark web marketplace.
Description
A Michigan man [1] [2] [4] [6], Andrew Shenkosky, 29 [1] [2] [3] [4] [5] [6], has been indicted on multiple charges [1] [2] [4] [5] [6], including three counts of wire fraud [1] [2] [4], one count of aggravated identity theft [1] [2] [4], one count of possession of unauthorized access devices [1] [2] [4], and one count of trafficking computer access information [1] [2] [4]. The indictment [2], announced by the US Justice Department [2], stems from actions taken between February and November 2020 while Shenkosky was residing in Minnesota [2]. He allegedly executed a scheme to defraud victims by purchasing approximately 2,500 stolen login credentials from Genesis Market, a dark web marketplace notorious for compiling and selling hundreds of thousands of stolen credentials obtained from malware-infected computers worldwide [4]. This platform was dismantled by the FBI in April 2023, leading to the arrest of 120 individuals [5], while its administrators remain at large [5].
Shenkosky is accused of creating a fraudulent Coinbase cryptocurrency account in the name of one of his victims to obtain an invite code for Genesis Market, from which he purchased the stolen credentials [1] [4]. He reportedly used these credentials to conduct unauthorized financial transactions [3], including withdrawing funds from victims’ bank accounts without their consent and transferring the money to a PayPal account he controlled [1] [4]. Additionally, he attempted to sell some of the stolen account information on a now-defunct cybercriminal forum known as Raid Forums. His initial court appearance occurred on February 11, 2025 [2], in Michigan [1] [2] [4] [6], with an arraignment hearing scheduled for this week in Minnesota [5]. The case is being prosecuted by Assistant US Attorneys Benjamin Bejar and Robert Lewis [2], and it was investigated by the FBI Cybercrime Unit and the FBI’s Minneapolis and Detroit Field Offices [2].
Conclusion
The indictment of Andrew Shenkosky underscores the ongoing threat posed by cybercriminal activities and the dark web’s role in facilitating such crimes. The dismantling of Genesis Market by the FBI highlights the efforts of law enforcement agencies to combat cybercrime and protect individuals from identity theft and financial fraud. As cyber threats continue to evolve, it is imperative for both individuals and organizations to remain vigilant and adopt robust cybersecurity measures to mitigate potential risks.
References
[1] https://www.yahoo.com/news/indictment-michigan-man-living-minnesota-224018996.html
[2] https://ciso2ciso.com/michigan-man-indicted-for-dark-web-credential-fraud-source-www-infosecurity-magazine-com/
[3] https://wjon.com/former-minnesota-man-indicted-wire-fraud/
[4] https://thetowernews.com/michigan-man-used-dark-web-to-buy-2500-stolen-logins-in-mn/
[5] https://thecyberwire.com/podcasts/daily-podcast/2251/transcript
[6] https://www.infosecurity-magazine.com/news/michigan-man-indicted-dark-web/
