This week, the US Department of Justice (DoJ) said that Kirill Victorovich Firsov, 30, will spend 30 months behind bars for acting as the administrator of Deer.io, a now-defunct website that offered a form of 'Shopify' front for criminal activity.
Deer.io, thought to have been in operation since at least 2013, hosted over 24,000 online stores on a subscription basis over the course of its lifetime, with prices set at approximately $12 per month. According to the DoJ, at the time of its seizure, Deer.io catered to 3,000 active stores with sales exceeding $17 million.
The FBI's complaint said that despite claims deer.io was only used for legitimate businesses, a search on the website -- which did not need any special access privileges -- revealed that the bulk of the sales were made by cybercriminals.
Law enforcement found stolen accounts on sale, alongside PII including names, addresses, telephone numbers, and Social Security numbers. Many victims were located in the US and Europe.
If a cybercriminal wished to open a deer.io store, they would upload their 'products' and link a cryptocurrency wallet to their storefront. The subscription fee, required monthly, was paid through cryptocurrency or payment methods such as WebMoney.
US Attorney Robert Brewer called the platform a "one-stop shopping for criminals."
During the FBI's investigation, on March 4, 2020, the agency purchased 1,100 compromised gamer accounts, and then on March 5, the FBI purchased PII belonging to over 3,600 US citizens.
Firsov was arrested in New York City after flying into JFK airport from Moscow, Russia.
On January 21, 2021, Firsov pleaded guilty to the "Unauthorized Solicitation of Access Devices," a charge which carries a maximum penalty of 10 years in prison and a $250,000 fine.
"At sentencing [...] the prosecutor asserted that Firsov knew deer.io was selling stolen and counterfeit accounts, because he built the platform, which included a number of icons for US-based companies that anyone setting up a store on deer.io could click on to then sell stolen accounts from those US companies," prosecutors say. "Even though it sold stolen accounts, deer.io was not cloaked in secrecy and required no special password for access, because everything was run out of Russia, and American law enforcement could gain no foothold."
While deciding on an appropriate sentence, presiding US District Judge Cynthia Bashant acknowledged that Firsov has already spent 15 months in the US prison system -- and during the COVID-19 pandemic -- and he would likely remain incarcerated when deportation procedures begin after he has served his term.