Summary: The Justice Department has successfully dismantled Rydox, an online marketplace for stolen personal information, leading to the arrest of three alleged administrators. This coordinated operation highlights the extensive scale of cybercrime and the international collaboration needed to combat it.
Threat Actor: Rydox Administrators | Rydox
Victim: U.S. Residents | U.S. Residents
Key Point :
- Rydox was linked to over 7,600 illicit sales, generating more than $230,000 in revenue since 2016.
- The site offered at least 321,372 cybercrime products to over 18,000 users, including sensitive data like credit card information and login credentials.
- Three individuals, including two Kosovo nationals, were arrested and face charges such as identity theft and money laundering.
- The operation involved multiple international law enforcement agencies, showcasing the global effort against cybercrime.
- U.S. authorities seized the domain Rydox.cc and approximately $225,000 in cryptocurrency linked to the defendants.
The Justice Department announced Thursday that it had participated in a coordinated effort to seize and dismantle Rydox, an online marketplace for stolen personal information and cybercrime tools. The operation led to the arrest of three individuals alleged to be the site’s administrators.
Rydox has been linked to over 7,600 illicit sales and generated substantial profits since its inception in 2016. Authorities reported the site’s revenue exceeded $230,000, primarily sourced from selling sensitive data such as credit card information, login credentials, and other PII stolen from thousands of U.S. residents. The site has offered for sale at least 321,372 cybercrime products to over 18,000 users.
The operation was carried out by the FBI’s Pittsburgh Office, Albania’s Special Anti-Corruption Body (SPAK) and its National Bureau of Investigation (BKH), the Kosovo Special Prosecution Office, the Kosovo Police, and the Royal Malaysian Police.
Kosovo nationals Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, were apprehended in Kosovo. They will be extradited to the Western District of Pennsylvania to face multiple charges, including identity theft and money laundering. A third man, Shpend Sokoli, also from Kosovo, was detained in Albania. Sokoli will be prosecuted in Albania.
The domain, Rydox.cc, and its associated servers were seized in Kuala Lumpur, Malaysia. Additionally, U.S. authorities seized approximately $225,000 in cryptocurrency linked to the defendants.
Eric Olshan, U.S. Attorney for the Western District of Pennsylvania, said in a release that despite these cases being a concerted, multi-national law enforcement effort, the “harms can be devastatingly local.”
Thursday’s “takedown reinforces our steadfast message that the Western District of Pennsylvania and our domestic and international law enforcement partners will use every available tool to hold accountable those who pursue illicit profit at the expense of ordinary citizens around the world,” Olshan said.
Source: https://cyberscoop.com/rydox-cybercriminal-marketplace-seized-doj-albania-kosovo