A Russian man was sentenced to 30 months in prison for running a website that sold stolen credit card data and other personal information to cybercriminals, according to a Department of Justice announcement.
The Russian man, Kirill Victorovich Firsov, was first arrested last year, and pleaded guilty to hacking-related charges in January. Firsov was accused of having run the site, Deer.io, which hosted other cybercriminals’ shops, since 2013. Users could create accounts on Deer.io, using the platform as a foundation for their own sales.
Deer.io raked in $17 million worth of sales and sold at least $1.2 million in U.S.-based stolen information, according to the Department of Justice. Many of the transactions involved Americans’ names, current addresses, telephone numbers, and Social Security numbers.
The Department of Justice acknowledged that U.S. law enforcement had some difficulty gaining a foothold into the site given that it was run out of Russia, but Suzanne Turner, a special agent in charge at the bureau, warned that the FBI remains committed to pursuing scammers living outside U.S. jurisdiction.
“The FBI will identify and pursue criminal actors in the cyber-sphere, regardless of where they operate, and work to bring them to justice in a United States court,” Turner said.
In its investigation into Firsov and Deer.io, the FBI spent approximately $522 in bitcoin, and was able to obtain information on approximately 2,650 people, including heir names, addresses and Social Security numbers, according to the indictment. The FBI was also able to purchase information on people’s video game accounts in order to obtain users’ payment information.
U.S. District Judge Cynthia Bashant acknowledged that the sentence of 30 months in prison accounts for the 15 months Firsov has already served during the pandemic. Firsov faced up to 10 years in prison in all.
The FBI has also pursued other accused cybercriminals for their alleged roles in running so-called bulletproof hosting sites that enable hacking and cybercrime. Four Eastern European men pleaded guilty just this March for overseeing websites that hosted malware, effectively serving as bulletproof hosting sites for cybercriminals between 2008 and 2015.