Vitalii Chychasov, a Ukrainian man, has pleaded guilty in the United States to conspiracy and trafficking in unauthorized access devices through the SSNDOB Marketplace, a network of websites that sold sensitive personal information of individuals in the U.S., including their full names, dates of birth, and Social Security Numbers (SSNs).
The law enforcement operation resulted in the seizure of the marketplace domains, which had previously facilitated the sale of personal details of 24 million people, generating over $19 million in revenue. The stolen SSNs were used for various frauds, including tax fraud, unemployment insurance fraud, loan fraud, and credit card fraud, amounting to nearly $10 million stolen by a single buyer.
Chychasov’s arrest occurred in March 2022 while attempting to enter Hungary, and he was later extradited to the U.S. in July of the same year. As part of his guilty plea, Chychasov agreed to relinquish control of the domains “blackjob.biz,” “ssndob.club,” and “ssndob.vip,” which were used to facilitate the criminal activities.
A second administrator of the SSNDOB Marketplace, Sergey Pugach, was also arrested in May 2022. The investigation leading to their identification was conducted by the cybercrime unit of the IRS and the FBI, with assistance from the U.S. DoJ, and authorities in Latvia and Cyprus.
Court documents reveal that the administrators promoted SSNDOB through advertisements on the dark web, targeting other cybercrime marketplaces and hacker forums. To evade detection, they exclusively accepted payments in hard-to-trace cryptocurrency and maintained servers in strategic locations worldwide.
Chychasov now faces a potential maximum imprisonment penalty of 15 years and must forfeit an estimated $5 million in proceeds from the criminal activities. The case highlights the seriousness of cybercrime and its impact on the security and privacy of individuals.
