A Russian citizen has been sentenced to 30 months in custody in the United States for allegedly running an online criminal website that sold stolen credit card data and other personal information and services for other criminals to use.
FBI officials say Kirill Victorovich Firsov ran the now-defunct online platform deer.io, which started operations as far back as October 2013. As of Firsov's arrest in March 2020, the platform hosted approximately 3,000 active shops with sales exceeding $17 million, officials say.
Although Firsov maintained that the bulk of the sales on deer.io were of Russian accounts, the parties agreed that the government could show that shop owners on the deer.io platform sold at least $1.2 million in U.S.-based stolen information, to include the gamer accounts identified in the plea agreement.
According to a release from the FBI, deer.io sold not only stolen accounts, like the gamer accounts identified in the plea agreement, but also Americans' personal information including names, current addresses, telephone numbers, and at times, Social Security numbers. On March 4, 2020, the FBI purchased 1,100 gamer accounts; on March 5, 2020, the agency purchased the personal data of more than 3,600 Americans. On March 7, 2020, Firsov was arrested by the FBI in New York City when he flew into JFK Airport from Moscow.
"This platform provided cybercriminals with easy access to the personal accounts and information of people around the world, including Americans," said Acting U.S. Attorney Randy Grossman in the FBI statement. "Stopping that flow of stolen information to criminals is critical to addressing the cybercrime threats facing our country, and we will prosecute those who are responsible."
The release on the sentencing can be found here.