The FBI on Tuesday seized the website for DEER.IO, a Russian online platform used to conduct millions of dollars worth of cybercriminal transactions. The crackdown followed the March 7 arrest of alleged hacker/DEER.IO administrator Kirill Victorovich, who was taken into custody while in New York City.
Active since October 2013, DEER.IO allows users to purchase access to cyber storefronts from which they could sell stolen credentials and other criminal wares and services to customers via an interface.
Victorovich, 28, has been federally charged with unauthorized solicitation of access devices, which carries a maximum penalty of 10 years in prison. According to a U.S. Department of Justice release, Firsov both managed DEER.IO and advertised it on other hacker forums.
Firsov is scheduled to make an April 16 appearance before the Southern District of California Court — the same court that issued the order to seize DEER.IO.
A DOJ-filed federal complaint says that stores operating via DEER.IO’s Russian-based infrastructure offered stolen financial and corporate data, personally identifiable information and user accounts.
According to a Justice Department press release, earlier this month the FBI purchased 1,100 game accounts — including passwords — from the DEER.IO store known as ACCOUNTS-MARKET.DEER.IS. Having full access to hacked accounts would allow the buyer to make additional purchases that would be charged to the account’s rightful owner. The FBI also bought several thousand accounts from another DEER.IO store called SHIKISHOP.DEER.IS.
“From those identities, the FBI identified names, dates of birth and U.S. Social Security numbers for multiple individuals who reside in San Diego County,” the release states.
“There is a robust underground market for hacked stolen information, and this was a novel way to try to market it to criminals hoping not to get caught,” said U.S. Attorney Robert Brewer. “Hackers are a threat to our economy, and our privacy and national security, and cannot be tolerated.”