University News

Three Ukrainians created and supported the activities of the famous in Darknet resource "xDedic". This       e-shop provided an opportunity for its users to sell and buy access to "broken" servers. The malefactors managed to sell more than 70,000 passwords and logins of remote access to servers from 170 countries of the world, according to cyberpolice -The official website of the Ukrainian cyberpolicy. On Monday, January 28, 2019, the Deputy Attorney General- Yevgeny Yenin during a joint briefing with the head of the National Police of Ukraine, Sergey Knyazev, reported that on Thursday, January 24, 2019, an international joint group that included members of the Prosecutor General’s Office of Ukraine, the National Police, and the FCCU of Belgium, with the assistance of Europol, the US Federal Bureau of Investigation (FBI ) and the US Internal Revenue Service (IRS) in Tampa (Fla.) conducted searches in nine locations in Ukraine. Several IT systems were confiscated during searches. Also three suspects were interrogated. The aforementioned searches were carried out as part of an investigation of criminal proceedings against the illegal online store xDedic, which offered to sell access to tens of thousands of compromised (broken) servers of the victims (companies and individuals).
Access to the specified online store could be obtained through domains in both the open network and the Dark Web.
Hacking activity was carried out by hacking access via Remote Desktop Protocol (RDP). Buyers and sellers traded such RDP servers on this platform. The cost of each server ranged from six to more than ten thousand dollars.
US investigation into the criminal group of the xDedic online store was carried out by the US Attorney's Office of the Midland County of Florida.
On Thursday, January 24, 2019, access to “xDedic” was terminated in accordance with the decisions of the American court, and the components of the criminal infrastructure were confiscated. Users who will try to access the xDedic domain will be redirected to the government page, which explains that this online store has gone offline. German police also assisted in confiscating and blocking access.
The Belgian federal prosecutor's office launched an investigation on xDedic in June 2016. The use of special investigative techniques enabled the Federal Anti-Cyber Crime Unit (FCCU) to visualize the xDedic criminal infrastructure and obtain digital copies of its most important servers. In order to accomplish this task, intensive cooperation was established with the National Prosecutor’s Office and the National High-Tech Crime Unit of the Netherlands using the European Investigation Warrant.
During 2017, the Federal Prosecutor's Office appealed to the investigative judge in Mechelen with a request to initiate a judicial investigation into the facts of a criminal organization, illegal access and interference with the data and operation of the systems. A thorough analysis of the content of these servers, in the implementation of which Europol and the Cyber Police Department of the National Police of Ukraine provided important support, allowed the identification of administrators in Ukraine.
During this investigation, the Belgian and Ukrainian law enforcement agencies closely coordinated investigative actions. At the beginning of 2018, the Prosecutor General’s Office of Ukraine and Europol signed the Agreement on the establishment of a joint investigation team.
Further support by the Ukrainian side was provided within the framework of the criminal proceedings of the SSU National Police within the framework of the procedural guidance of the Department of International Legal Cooperation of the Prosecutor General's Office of Ukraine.
As soon as it turned out that the Belgian and American criminal investigations share common goals and tasks, the Belgian and American investigators and prosecutors began to work closely together to achieve these goals.
In 2018, Eurojust organized two coordination meetings between the three countries in The Hague.
Thanks to coordinated efforts, the Belgian, Ukrainian, and American law enforcement agencies, the prosecutor's office, and the police have dealt a crushing blow to the illegal trade in “broken” computer systems. In addition, it is an important signal for those who commit other criminal acts on the Internet that they are not insured from criminal prosecution even on the Dark Web. The law enforcement approach used in the xDedic case demonstrates the importance of intensive international cooperation for implementing successful measures against organized crime in the Dark Web.
The investigation of this case in Ukraine, Belgium and the USA is still ongoing.