On 24 January, the U.S. Prosecutor’s Office for the Middle District of Florida, the FBI and the Internal Revenue Service (IRS) of Tampa (Florida), the Federal Computer Crime Unit (FCCU), the Federal Prosecutor’s Office and the Investigating Judge of Belgium, as well as the Ukrainian National Cyber Police and Prosecutor General’s office of Ukraine, with the support of the Bundeskriminalamt of Germany and Europol seized the xDedic Marketplace.
The servers and domain names of the xDedic Marketplace were seized, and the website’s criminal activities stopped. The xDedic Marketplace sold access to compromised computers worldwide as well as personal data. It operated in both the clear and dark web.
Users of xDedic could search for compromised computer credentials by criteria, such as price, geographic location, and operating system. The xDedic administrators strategically maintained servers all over the world. Furthermore they utilised Bitcoin to hide the locations of its underlying servers and the identities of its administrators, buyers, and sellers. The victims came from all around the world and involved all kind of industries. This includes local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting and law firms, pension funds, and universities. Authorities believe the website facilitated more than $68,000,000 in fraud.
At the beginning of 2018, a Joint Investigative Team (JIT) agreement was signed between the Federal Prosecutor and the Investigating Judge of Belgium and the Prosecutor General of Ukraine, Europol and Eurojust. Europol organised operational meetings in its headquarters in The Hague and provided operational analysis, forensic support and on the spot support.