Ukrainian extradited to US for ‘trafficking’ computer passwords

A Ukrainian national has been extradited to the US, where he is accused of hacking and “trafficking in computer passwords,” the US Justice Department announced Wednesday.

Glib Ivanov-Tolpintsev, 28, is suspected of hacking into tens of thousands of computers and selling their access codes on the dark web, the underground area of the internet, the department said in a statement.

Arrested in Poland in October 2020, Ivanov-Tolpintsev was transferred to the US under an agreement between the two countries and presented Tuesday to a federal judge, who ordered his continued detention pending trial.

According to the indictment, since 2016, Ivanov-Tolpintsev had controlled a “botnet” – a network of computers infected with malware without their owners’ knowledge – and used it to decrypt their access codes.

During an exchange with an accomplice, Ivanov-Tolpintsev boasted he could steal the credentials of at least 2,000 computers per week. In 2017, during another conversation, he claimed to have obtained the passwords for more than 20,000 devices.

Once sold, these access codes are used for criminal activity, particularly financial fraud or ransomware attacks, according to the Justice Department.

Networks in the US have recently been hit by a wave of ransomware attacks, which involve hacking into an entity’s system to encrypt its data and then demanding a ransom in exchange for the decryption key.