As goes Moldova so goes Transnistria.
Or something.
From the Organized Crime and Corruption Reporting Project, May:
Moldovan police say computer servers in their country hosted Crimenetwork, a relaunched darknet marketplace that was dismantled in a joint law enforcement operation this month.
The technical infrastructure for Crimenetwork, a relaunched darknet marketplace used to sell stolen data, cybercrime tools, drugs, forged documents, and money-laundering services, was hosted on servers belonging to a company in Moldova, the country’s police said Wednesday.
Moldovan, German, and Spanish law enforcement, along with the European Union Agency for Criminal Justice Cooperation, dismantled the platform in a joint operation this month, authorities said.
Moldovan police described Crimenetwork as one of the most active darknet markets dedicated to cybercrime, saying it operated both as an encrypted forum for cybercriminals and as an illegal online marketplace.
“The platform operator charged commissions for transactions made, and sellers paid monthly fees for advertising and marketing licenses,” the Moldovan police statement said.
The Moldovan details of the case were made public after German authorities on May 8 announced the joint operation had taken down the platform and arrested its suspected operator, a 35-year-old German citizen, at his home in Mallorca, Spain.
“The accused is charged with having built and administered a completely new technical infrastructure, also called ‘Crimenetwork,’ just a few days after the shutdown of the previous version of ‘Crimenetwork’ and the arrest of its administrator in December 2024,” said the Federal Police Office of Germany statement.
Moldovan police said Crimenetwork was used to trade stolen bank card information, login credentials, and personal documents, as well as to distribute malware, ransomware, and DDoS attack services, and to facilitate other illicit activity, including anonymous hosting and money laundering.
The platform had more than 22,000 users and over 100 active vendors, with transactions carried out in cryptocurrency, German and Moldovan authorities said. Investigators found evidence that it generated more than 3.6 million euros (roughly $4.2 million) through sales commissions, advertising fees, and vendor licenses....
....MORE
Calling your crime network Crimenetwork seems a bit, as the say in Hollywood, on-the-nose.
But maybe not. In june 2022 we saw this:
What a time to be alive.
From TechCrunch:
Evil Corp hackers evolve ransomware tactics to dodge US sanctions
The Russia-based cybercriminal group known as Evil Corp has shifted to a ransomware-as-a-service model in an effort to skirt U.S. sanctions, according to research from cybersecurity firm Mandiant.
The U.S. Treasury’s Office of Foreign Assets Control, or OFAC, sanctioned Evil Corp in December 2019, citing the group’s extensive development of Dridex malware, which the gang used to steal more than $100 million from hundreds of banks and financial institutions.
Since, Mandiant researchers have observed a number of ransomware intrusions attributed to a threat actor which it tracked as an as-of-yet uncategorized threat group dubbed UNC2165, which the threat intelligence firm says shares “numerous overlaps” with Evil Corp and likely represents another evolution in Evil Corp affiliated actors’ operations.
UNC2165 is a group that Mandiant has tracked since 2019, which almost-exclusively obtains access to networks through an infection chain which Mandiant calls “FakeUpdates,” in which victims are tricked into opening under the guise of a browser update. This was a tactic also used as an infection vector for Dridex infections and was later used by Evil Corp attackers to deploy BitPaymer and WastedLocker, two ransomware variants developed by the sanctioned hacking group.
UNC2165 has also deployed the Hades ransomware, which has code and functional similarities to other ransomware believed to be associated with Evil Corp-affiliated threat actors....
....MUCH MORE
They have an affiliate program?
And, though not related to the Russians or Moldovans this story from 2016 always comes to mind:
21st Century Headlines:Which was last referenced introducing October 2024's: ""Evil Corp's deep ties with Russia and NATO member attacks exposed":
I delude myself that I am reasonably up-to-speed on the zeitgeist and on technology but twenty or so times a day things are brought to my attention about which I was heretofore clueless....
...Super Evil Megacorp starts team-franchise program to energize Vainglory...
I would expect nothing less from SEMC.
