A 34-year-old U.K. national has been arraigned in the U.S. for operating a dark web marketplace called The Real Deal that specialized in the sales of hacking tools and stolen login credentials.
Daniel Kaye, who went by a litany of pseudonyms Popopret, Bestbuy, UserL0ser, and Spdrman, has been charged with five counts of access device fraud and one count of money laundering conspiracy.
Kaye was indicted in April 2021, and subsequently consented to his extradition from Cyprus to the U.S. in September 2022.
"While living overseas, this defendant allegedly operated an illegal website that made hacking tools and login credentials available for purchase, including those for U.S. government agencies," said U.S. Attorney Ryan K. Buchanan.
Court documents show that The Real Deal, until its shutdown in 2016, functioned as a market for illicit items, including stolen account logins for U.S. government computers, bank accounts, and social media platforms such as Twitter and LinkedIn.
Also peddled through the portal were plundered credit card information, personal data, botnets, hacking tools, illegal drugs, and weapons which were listed for sale by vendors, who had their own profile pages that offered an option to rank them.
Some of the U.S. government computers whose credentials were allegedly sold by Kaye belong to the U.S. Postal Service, the National Oceanic and Atmospheric Administration, the Centers for Disease Control and Prevention, the National Aeronautics and Space Administration, and the U.S. Navy.
Kaye was previously arrested by the U.K. law enforcement authorities in February 2017, and was subsequently jailed for 32 months in January 2019 for attacking an African phone company that knocked Liberia offline in 2016.
Are you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.RESERVE YOUR SEAT
"[Kaye] ran a botnet using a modified Mirai variant which spread via zero-day exploits," security researcher Marcus Hutchins noted in a series of Tweets. "Some of the DDoS attacks we saw were peaking at over 1 Tbps."
Furthermore, the indictment accuses Kaye of conniving with one or more persons going by the name "thedarkoverlord" to sell Social Security numbers, not to mention launder the cryptocurrency proceeds of the sale through mixing services like Bitmixer.io to obscure the money trails.
"This case is an example of our persistent determination to work with our international partners to hold criminals accountable no matter how sophisticated their cyber fraud or their geographic location," said Keri Farley, Special Agent in Charge of FBI Atlanta.