Kirill Victorovich Firsov, a Russian Citizen has been jailed for 30 months (2.5 years) in US prison for running popular cybercrime marketplace Deer.io.
According to a press release from the U.S. Department of Justice (DoJ), Kirill Victorovich Firsov has been sentenced to 30 months in custody because of his role as the “administrator of a website that catered to cybercriminals by virtually selling items such as stolen credit card information, other personal information, and services to be used for criminal activity.”
On January 21, 2021, the Russian hacker had pleaded guilty to the “Unauthorized Solicitation of Access Devices.” The maximum penalty of this charge was up to ten years in prison and around a $250,000 fine.
According to presiding U.S. District Judge Cynthia Bashant, when deciding about the sentencing, it was acknowledged that Firsov had spent fifteen months in the U.S. prison system already. He will be deported to Russia after serving his term.
Deer.io was among the top-rated platforms on the internet before it was seized by the FBI (Federal Bureau of Investigation) last year. Before its demise, Deer.io was also known as a major platform for selling data obtained from compromised devices, hacked social media accounts, PII, and financial data.
The site administrator was a then-28-year-old Russian national, Kirill Victorovich Firsov. The FBI arrested him from JFK Airport, New York, in 2020 while trying to board a plane to Moscow, Russia.
Deer.io was Active since 2013
According to the FBI, Deer.io was operating since 2013. It hosted more than 24,000 online stores and offered its services on a subscription basis throughout its operating time. The site’s subscription was approx. $12 per month.
The DoJ revealed that it catered to 3,000 active stores, and sales exceeded $17 million. Acting U.S. Attorney Randy Grossman stated that:
‘This platform provided cybercriminals with easy access to the personal accounts and information of people around the world, including Americans. Stopping that flow of stolen information to criminals is critical to addressing the cybercrime threats facing our country, and we will prosecute those who are responsible.”
According to the FBI’s complaint, Deer.io claimed that it hosted legitimate businesses and users didn’t need any special access privileges. However, as per the bureau’s investigation, most of its sales were made by cybercriminals.
Investigators found out that it sold stolen accounts and personally identifiable information (PII), including names, telephone numbers, addresses, and social security numbers. A majority of its victims were located in Europe and the USA.
During its investigation, the FBI purchased 1,100 compromised gamer accounts on March 4, 2020, and on March 5, the bureau’s agents purchased PII of more than 3,600 Americans.