US Sentence Ukrainian to 4 Years for Brute-forcing and Selling Login Credentials

The 28-year-old Ukrainian national Glib Oleksandr Ivanov-Tolpintsev was arrested in Poland and extradited to the USA in 2020.

A Ukrainian national identified as Glib Oleksandr Ivanov-Tolpintsev in the press release from the US Department of Justice (DoJ) has been sentenced to four years in federal prison for stealing server login credentials and selling them on the Dark Web.

Polish police arrested the Chernivtsi, Ukraine resident from Korczowa, Poland, on 3rd October 2020 and later extradited him to the USA. He pleaded guilty in February 2022. The Tampa Division of the Federal Bureau of Investigation (FBI) investigated the case, and the trial was held in Florida.

Accused Brute-Forced Thousands of Server Logins

According to the DoJ’s press release, the 28-year-old Ivanov-Tolpintsev controlled a botnet to brute-force thousands of server logins, and after decrypting the credentials, he sold them on Dark Web.

Glib Oleksandr Ivanov-Tolpintsev

During the trial, the accused admitted obtaining a minimum of two thousand access credentials every week and listed them for sale between 2017 and 2019. He earned $82,000 through selling decrypted credentials, some of which belonged to businesses based in Florida.

Stolen Credentials Used to Launch Ransomware Attacks

The unnamed marketplace listed stolen server usernames/passwords and PII (personally identifiable

Read More: