Arrests

The Downfall of E-Root a Darknet and Cybercrime Marketplace

E Root Marketplace seized
Rate our article

A Moldovan resident has been sentenced to 42 months in federal prison for operating the E-Root Marketplace, a darknet-based platform involved in the illegal sale of IP credentials and other fraud options. This is the end of the notorious cybercrime marketplace.

Key Insights

  • Sandu Boris Diaconu, a 31-year-old Moldovan national, was sentenced to 42 months in federal prison.
  • Diaconu operated the E-Root Marketplace, selling illegal access and passwords to compromised computers.
  • The marketplace specialized in selling Remote Desktop Protocol (RDP) and Secure Shell (SSH) access.
  • Over 350,000 hacked computer credentials were reportedly sold on the E-Root Marketplace.
  • The operations led to ransomware attacks and stolen identity tax fraud schemes.
  • Diaconu was arrested in the United Kingdom in May 2021 and extradited to the United States in October 2023.

Sandu Boris Diaconu, a 31-year-old from Moldova, has recently been sentenced to 42 months in federal prison for his role in running the famous darknet marketplace known as E-Root.

According to the DOJ press release
“United States Attorney Roger B. Handberg, along with Special Agent in Charge Kareem Carter of the IRS – Criminal Investigation Washington DC Field Office, and Special Agent in Charge David Walker of the FBI – Tampa Division, announces today the extradition and removal from the United Kingdom of Sandu Diaconu for crimes related to his administration of the E-Root Marketplace.”

Court documents showed that Diaconu created and ran the E-Root Marketplace, a group of websites that sold illegal access and passwords to hacked computers around the world, including those of both companies and individuals in the United States. This was an ongoing operation that he worked on with others for years just to keep this operation going undercover.

Court Document claimed that:

“Diaconu has been charged (along with a sealed co-defendant) with conspiracy to commit access device and computer fraud, wire fraud conspiracy, money laundering conspiracy, access device fraud, and computer fraud.”

U.S. Senior District Judge James Moody, Jr., who is based in Tampa, Florida, handed down the sentence after Diaconu confessed and pleaded guilty. The charges were based on conspiracy to commit access devices as well as computer fraud, along with possession of 15 or more unauthorized access devices, found on December 1, 2023. 

Guilty Plea on Complex Cybercrime Network

Diaconu pleaded guilty right after he was deported from the United Kingdom in May 2021, thus showing the international collaboration in tackling cybercrime.

Diaconu’s operation of the E-Root Marketplace involved complex measures and methods to keep hidden the identities of its administrators, buyers, and sellers, which made the platform a popular hub for cybercriminals looking for unauthorized access to computer systems. 

The E-Root Marketplace, that Diaconu was running, was a platform that was used for the sale of access to hacked computers worldwide, which ended up affecting victims across various industries and regions, in different ways. 

This type of marketplace and platform specializes in selling Remote Desktop Protocol (RDP) which is a type of technology that lets you use and control another computer over the internet as if you were sitting right in front of it. While also making use of Secure Shell (SSH) access, which is a protocol used to securely access and manage a remote computer over a network. It provides a secure channel over an unsecured network, encrypting the data exchanged to stop any unauthorized access. SSH is normally used for logging into systems, creating commands remotely, and transferring files, with more than 350,000 hacked computer credentials reportedly sold, that is known of. 

The marketplace was also known for its boasted features such as high-quality customer support, for its users, an exchange and warranty policy for stolen credentials that were purchased on the marketplace, and the use of an online payment system called Perfect Money, which made it very easy and convenient for its users.

E-Root Marketplace Highlights Cybercrime Consequences

The E-Root marketplace’s operations have been linked to a large number of cybercrimes, which have been found to be ransomware attacks and stolen identity tax fraud schemes, creating a concern for the growing number of cybercrimes and attacks globally.  

Combined efforts of international law enforcement agencies built up to the takedown of the E-Root marketplace and the takeover of its associated illegal cryptocurrency exchange service back in 2020. 

Diaconu’s sentencing shows cybercriminals the consequences of engaging in the trade of hacked computer credentials and shows the importance of the commitment of the U.S. Department of Justice and its international partners to break down operations like E-Root.

There is an ongoing need for cybersecurity and awareness among normal individuals who are unaware of operations like E-Root, as well as organizations, who have a need for cybersecurity. As cybercriminals continue to grow their skills, the protection of digital assets against hacking and exploitation remains to be the main priority for many. The good news is some basic OpSec steps can go a long way. Here’s your ultimate OpSec Guide.