Moldovan National Extradited to US Over E-Root Stolen Credential Marketplace

Sandu Diaconu, a 31-year-old Moldovan national, has been extradited from the UK to the US to stand trial over his alleged administration of the notorious E-Root marketplace, which specialized in the trade of stolen credentials.

Extradition and Background

The extradition followed a mandate from Westminster Magistrates' Court in September 2023. A co-defendant, whose identity was redacted from court documents, allegedly operated the illicit online bazaar alongside Diaconu between 2015 and 2020.

According to the Middle District of Florida US Attorney's Office, E-Root was a long-operational platform used to sell access to compromised computers globally, including servers owned by US-based entities.

Marketplace Operations

Cybercriminals on E-Root could search for various compromised credentials such as Secure Socket Shell (SSH) and Remote Desktop Protocol (RDP) access. The platform also boasted advanced filtering features, enabling the malefactors to filter by price, region, operating system, open ports, and Internet Service Provider (ISP).

The federal investigation into the marketplace revealed that over 350,000 credentials were put up for sale on E-Root, per the US Department of Justice.

Federal Investigation and Victim Impact

The victims encompass multiple worldwide businesses and firms, and at least one local government agency in Tampa. It was disclosed that many victims subsequently suffered ransomware attacks, while some credentials listed on the marketplace were connected to stolen identity tax fraud schemes.

Payments on E-Root were facilitated through the Perfect Money online payment system. Diaconu, under the alias "WinD3str0y", is also alleged to have operated a sister website, enabling the conversion of Bitcoin into Perfect Money to help obfuscate the identities of the marketplace users.

Despite these elaborate arrangements, court documents revealed chinks in the operation, as the administrators kept extensive records about the buyers, making it easier for authorities to trace back the illegal activities.

Downfall and Legal Charges

The downfall of E-Root came in late 2020 through a joint operation, and Diaconu was apprehended by British authorities in May 2021 while trying to leave the country. The charges against Diaconu and his co-defendant include conspiracy to commit access device and computer fraud, money laundering conspiracy, wire fraud conspiracy, access device fraud, and computer fraud.

Diaconu, now facing up to 20 years in federal prison if convicted on all counts, made his initial appearance before a US judge on Oct. 16. He remains in custody and has not registered a plea to the charges.

Recommendations for Credential Safety

1. Avoid Password Reuse: Ensure each account has a unique password to prevent a security breach on one account from compromising others.
2. Use Strong Passwords: Use a mix of uppercase and lowercase letters, numbers, and special characters to create robust passwords.
3. Enable Two-Factor Authentication (2FA): Add an additional layer of security by enforcing a second form of identification in addition to the password.
4. Regularly Update Passwords: Change passwords periodically to reduce the risk of unauthorized access.
5. Use a Password Manager: Specialized tools like Bitdefender Password Manager can help keep track of complex passwords and ensure they are stored securely.
6. Be Wary of Phishing Attempts: Stay vigilant to avoid scams that steal your credentials through fraudulent emails or messages.
7. Keep Software Updated: Ensure that your operating system, applications and security software are up to date with the latest security patches.