Kaye is believed to have been behind The Real Deal, a dark web marketplace for illegal items like hacking tools and stolen credentials. The site offered stolen credentials for sale, including those of U.S. government agencies. The UK police arrested Kaye at a London airport in February 2017. Kaye was overseas when the current indictment was filed. He agreed to his extradition from Cyprus to the U.S. in September. “This case is an example of our persistent determination to work with our international partners to hold criminals accountable no matter how sophisticated their cyber fraud or their geographic location,” Keri Farley, Special Agent in Charge of FBI Atlanta, said. “Let this indictment be a message that the FBI and our partners place a high priority on the investigation and prosecution of hackers who intrude into our infrastructure and threaten the personal security of our citizens.”
The Real Deal Marketplace
Kaye, who goes by many aliases, including Popopret, Bestbuy, Logger, David Cohen, and Ibrahim Sahil, allegedly ran The Real Deal between 2015 and November 2016. He allegedly advertised a DDoS-for-hire service backed by a botnet of 400,000 IoT devices. The Real Deal marketplace sold more than just login credentials. Visitors could purchase a variety of stolen data, including credit card information. The marketplace also sold illegal drugs, botnets, and hacking tools. According to the DOJ, the dark web marketplace was organized into categories: Exploit Code, Counterfeits, Drugs, Fraud & More, Government Data, and Weapons. Vendors could create accounts and list their products. Vendors also maintained profile pages and received ratings from buyers.
Stolen Credentials of U.S. Government Agencies
The DOJ’s indictment alleges that The Real Deal marketplace sold login credentials that would have allowed unauthorized persons to access the systems of several U.S. government agencies. These agencies include the U.S. Postal Service, the National Oceanic and Atmospheric Administration (NASA), the Centers for Disease Control and Prevention (CDC), the National Aeronautics and Space Administration (NASA), and the U.S. Navy. It also alleges that Kaye trafficked stolen social security numbers with an individual or group known as “thedarkoverlord.” The DOJ said Kaye laundered the cryptocurrency assets he received as payment from The Real Deal through Bitmixer.io to shield himself from the government’s blockchain tracking. The U.S. government has come down hard on popular cryptocurrency mixers in recent months for their role in laundering stolen funds. “While living overseas, this defendant allegedly operated an illegal website that made hacking tools and login credentials available for purchase, including those for U.S. government agencies,” said Ryan K. Buchanan, U.S. Attorney. “This case is a timely reminder, during National Cybersecurity Awareness Month, that federal law enforcement will make those accused of breaking U.S. laws face their day in court, regardless of where they reside in the world.”