The U.S. Department of Justice announced today the dismantling of Rydox, an illicit online marketplace that sold stolen personal information, credit card data, and cybercrime tools. The takedown, which was carried out in coordination with international law enforcement agencies, has resulted in the arrest of three individuals connected to the site, including two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, both of whom were arrested in Kosovo. A third individual, Shpend Sokoli, was arrested in Albania.
The arrests follow an indictment unsealed today in the Western District of Pennsylvania, detailing the illegal activities of the Rydox marketplace. Operating since at least February 2016, the site has facilitated over 7,600 sales of stolen personally identifiable information (PII), credit card details, and cybercrime tools, generating at least $230,000 in illicit revenue. It catered to a global network of over 18,000 users, offering an array of illegal products, including stolen credit card information, social security numbers, and online login credentials, as well as tools for conducting fraud, scams, and spamming.
The Rydox marketplace was a comprehensive online black market where cybercriminals could easily purchase stolen data and tools to facilitate fraud. According to the indictment, the site sold over 321,000 cybercrime products, which included valuable information such as names, addresses, and social security numbers, alongside cybercrime tools like scam pages and spamming logs. The marketplace had been a major hub for the trade of illicit goods used in identity theft, financial fraud, and other cybercrimes.
“Today’s takedown of the Rydox marketplace represents a significant victory in our global fight against cybercrime,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division. “For more than eight years, these individuals operated a site that profited from the theft of personal data and the enabling of other criminal activities. With this operation, we have not only shut down the site but also arrested its key administrators and seized their illicit proceeds.”
The operation to dismantle Rydox was the result of a coordinated effort between U.S. authorities and law enforcement agencies in multiple countries, including Kosovo, Albania, and Malaysia. The Justice Department worked closely with the FBI, Kosovo’s State Prosecutor’s Special Prosecution Office, Kosovo Police’s Cybercrime Investigation Directorate, the Special Anti-Corruption Body (SPAK) of Albania, and the Royal Malaysian Police.
In addition to the arrests, U.S. authorities also obtained judicial approval to seize the domain www.Rydox.cc, effectively taking the site offline. A seizure banner now greets anyone attempting to access the site, notifying them of the federal action. Law enforcement also targeted the technical infrastructure that supported the marketplace, including servers located in Kuala Lumpur, Malaysia, which were seized by the FBI and Malaysian authorities.
Furthermore, authorities were able to seize approximately $225,000 worth of cryptocurrency from the defendants’ accounts, further disrupting their ability to profit from illegal activities.
Ardit and Jetmir Kutleshi face multiple serious charges related to their roles in operating Rydox. Both men have been charged with identity theft, conspiracy to commit identity theft, access device fraud, money laundering, and aggravated identity theft. The charges are related to the alleged trafficking of stolen personal data and fraud-related activities conducted through the marketplace.
If convicted, the Kutleshi brothers face substantial prison sentences. They each face a maximum of 20 years in prison for money laundering, 10 years for access device fraud, and up to five years for each identity theft offense. Additionally, they face a mandatory minimum sentence of two years for the aggravated identity theft charge, which would run consecutively to any other sentences imposed.
The third administrator, Shpend Sokoli, who was arrested in Albania, will be prosecuted under Albanian law, though U.S. authorities are working to ensure that justice is served for all involved in this international cybercrime operation.
U.S. Attorney Eric G. Olshan for the Western District of Pennsylvania emphasized the local impact of global cybercrime, noting that despite the site’s international scope, the victims of these crimes are often everyday citizens. “While cybercrime often involves conduct occurring overseas and the actions of foreign nationals, its harms can be devastatingly local,” Olshan said. “Today’s takedown reinforces our message that we will use every available tool to hold accountable those who profit from the theft and misuse of sensitive personal information.”
The operation also serves as a warning to other cybercriminals. “This takedown sends a clear message: no matter where you are in the world, if you are involved in cybercrime, we will find you, and we will hold you accountable,” said Special Agent in Charge Kevin Rojek of the FBI Pittsburgh Field Office.
Comments