With the war in Ukraine still on the top of everyone's minds, the U.S. Government has been warning citizens and businesses about possible "cyber attacks" from Russia and warning of hackers looking to sell stolen information The FBI is searching for a wanted Russian National on its Cyber Most Wanted List and recently indicted him for offenses related to operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personal identifiable information, and authentication tools.

23-year-old Igor Dekhtyarchuk was named in an indictment returned by a federal grand jury on March 16, 2022.

According to the U.S. Attorney's Office, Igor Dekhtyarchuk a resident and national of the Russian Federation (Russia), operated Marketplace A, which claimed to have sold access to more than 48,000 compromised email accounts, more than 39,000 compromised online accounts, and averaged approximately 5,000 daily visitors. Marketplace A specialized in the sale of unlawfully obtained access devices for compromised online payment platforms, retailers, and credit card accounts, including providing the data associated with those accounts such as names, home addresses, login credentials, and payment card data for the victims, who are the actual owners of those accounts. Marketplace A’s business is known as a “carding shop” in the cyber-criminal world.

Dekhtyarchuk was the administrator of Marketplace A and was a Russian hacker who first appeared in hacker forums in November 2013 under the alias “floraby.”

Dekhtyarchuk began advertising the sale of compromised account data in Russian-language hacker forums in April 2018 and opened Marketplace A in May 2018. Dekhtyarchuk immediately began advertising Marketplace A and the products it sold in May 2018. Dekhtyarchuk also sold the usage, in seven-day rental increments, of a program called “[Company A] Auth 1.0,” which was a downloadable software program that the customer could use to input the stolen access devices, and using the provided cookie, to access the compromised Company A accounts.

Beginning in March 2021 and ending in July 2021, the FBI through an online covert employee (OCE) made thirteen purchases of access devices from Dekhtyarchuk while accessing Marketplace A from the Eastern District of Texas.

Each purchase varied in number of accounts, ranging from three to twenty accounts, resulting in access devices purchased for a total of 131 accounts. The OCE received the purchased access devices via link or Telegram messenger service shortly after completing each purchase. Dekhtyarchuk has since been placed on the FBI's Cyber Most Wanted List. If convicted, Dekhtyarckuk faces up to 20 years in federal prison. A grand jury indictment is not evidence of guilt. A defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.