Three arrested in Kosovo for operating Rydox cybercriminal marketplace

The U.S. Justice Department on Thursday said it took down the popular cybercriminal marketplace Rydox and requested the extradition of two Kosovo nationals responsible for running it.

Rydox was used to sell stolen personal information, device access and other tools necessary for cybercrime and fraud. 

Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, were arrested in Kosovo by local law enforcement on Thursday and U.S. officials submitted a request for extradition through an indictment unsealed in the Western District of Pennsylvania. 

Both men are charged with two counts of identity theft, one count of conspiracy to commit identity theft, one count of aggravated identity theft, one count of access device fraud and one count of money laundering. 

If convicted, they each face a maximum of 37 years in prison. 

Kosovo national Shpend Sokoli, another person involved in running Rydox, was also arrested on Thursday in Albania by the Special Anti-Corruption Body (SPAK) where he will be prosecuted. The Justice Department did not respond to requests for comment about why Sokoli is not being extradited. 

All three men ran the popular platform and earned at least $230,000 in revenue since creating it in 2016. More than 7,600 sales were conducted on Rydox — most of which involved personal information, credit card numbers and login credentials from people in the U.S. 

Prosecutors said Rydox had about 18,000 users who bought Social Security numbers and manuals on how to create scam pages and more. Users had to make a deposit to the site before being approved to buy products sold on the platform. 

An FBI agent created an account on the site and purchased 40 packages called “fullz” — which include a person’s name, address, Social Security number, date of birth, driver’s license number and email address.

Deputy Assistant Attorney General Nicole Argentieri, head of the Justice Department’s Criminal Division, said thousands of U.S residents were victimized by the platform through the sale of their information.

The Justice Department also seized the domain www.Rydox.cc and worked with the Royal Malaysian Police to take down servers in Kuala Lumpur, Malaysia that the platform used to host the marketplace.