- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Ukrainian Gets Four Years for Brute Forcing Thousands of Credentials
A Ukrainian man has been handed a four-year jail term for stealing thousands of server logins and putting them up for sale on the dark web.
Glib Oleksandr Ivanov-Tolpintsev, 28, from Chernivtsi, was arrested in October 2020 by Polish police and subsequently extradited to the US, where he pleaded guilty in February this year.
He’s said to have controlled a botnet designed to brute-force server logins en masse. Once cracked, these working credentials were then sold on a dark web marketplace. Ivanov-Tolpintsev boasted that he could obtain at least 2000 access credentials in this way per week, according to the Department of Justice (DoJ).
He is said to have listed thousands of logins for sale on an unnamed marketplace from 2017 to 2019, receiving over $82,000 from customers. Some of these credentials came from businesses operating in Florida, which is where the case was investigated by the FBI.
The marketplace itself listed not only server usernames and passwords, but personally identifiable information (PII), including dates of birth and Social Security numbers for US residents.
Cyber-criminals used access to these servers to launch ransomware attacks and commit tax fraud, according to the DoJ.
The site reportedly offered over 700,000 compromised servers for sale, including at least 150,000 in the US and 8000 in Florida, although victims spanned the globe.
Among the victims listed by the DoJ were local, state and federal governments, hospitals, emergency services, call centers, metropolitan transit authorities, accounting and law firms, pension funds, and universities.
Despite best practice advice to switch to multi-factor authentication, passwords are still the most popular way for corporate users to access IT assets.
A security vendor revealed in a March 2021 report that it found 1.5 billion breached login combos circulating online in the previous year, with 60% of credentials reused across multiple accounts.
This puts them at risk of credential stuffing and other brute force tactics, where automated botnets like Ivanov-Tolpintsev’s are set to work cracking open accounts.