Sandu Boris Diaconu, a Moldovan national, has been sentenced to 42 months in prison for his role as the administrator of E-Root, a significant online marketplace selling access to compromised computers worldwide. Operating under aliases like ‘utmsandu’ and ‘sandushell,’ Diaconu faced charges related to conspiracy, access device fraud, and computer fraud, culminating in a guilty plea in December. Despite attempts to evade capture, Diaconu was apprehended in the U.K. following the seizure of E-Root’s domains by authorities in late 2020 and later extradited to the United States in October 2023 to face multiple charges.
The Department of Justice revealed that more than 350,000 credentials were listed for sale on E-Root, impacting victims worldwide across various industries and even local government agencies like Tampa. The marketplace facilitated ransomware attacks and identity theft schemes, with stolen credentials linked to fraudulent wire transfers and tax fraud. Operating between January 2015 and February 2020, E-Root operated as a sprawling cybercrime hub, offering buyers the ability to purchase compromised RDP and SSH credentials for unauthorized access to victims’ systems.
E-Root’s platform resembled a legitimate e-commerce website, complete with customer service, warranty policies, and an illicit cryptocurrency exchange service to obfuscate payment trails. Buyers could search for compromised credentials based on various criteria, including price and geographic location, facilitating a wide range of illegal activities. The marketplace’s shutdown marks a significant victory in the fight against cybercrime, highlighting law enforcement’s efforts to dismantle criminal enterprises operating in the digital underground.
