The U.S. Department of Justice has announced the takedown of Rydox, an illicit online marketplace specializing in stolen personal data, access devices, and cybercrime tools.
Alongside the seizure of the Rydox domain, law enforcement arrested three key administrators, marking a pivotal moment in the fight against digital fraud.
Kosovo nationals Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, were apprehended by Kosovo law enforcement earlier today. They await extradition to the United States to face charges from a newly unsealed indictment in the Western District of Pennsylvania. A third administrator, Shpend Sokoli, was arrested in Albania by the country’s Special Anti-Corruption Body (SPAK) and will face prosecution locally.
Since its inception in February 2016, the Rydox marketplace facilitated over 7,600 sales of stolen data and cybercrime tools, generating at least $230,000 in revenue. More than 321,000 items—from personal identifiable information (PII) to spamming tutorials—were offered to over 18,000 users worldwide. Victims included thousands of U.S. residents whose sensitive information, such as Social Security numbers and credit card details, were exploited for profit.
“For over eight years, Rydox enabled cybercriminals to thrive by selling stolen data and fraud tools,” stated Nicole M. Argentieri, Principal Deputy Assistant Attorney General. “Today’s actions dismantle this illegal enterprise and demonstrate the power of international collaboration in combatting cybercrime.”
U.S. Attorney Eric G. Olshan emphasized the local impact of global cybercrime, noting, “While these crimes often originate overseas, their consequences devastate communities here at home. Today’s takedown sends a clear message: perpetrators will be held accountable regardless of their location.”
FBI Special Agent Kevin Rojek echoed these sentiments, highlighting the operation as “a major blow to the criminal underground profiting from stolen information.”
The takedown was made possible through collaboration with the FBI, Kosovo Police’s Cybercrime Directorate, SPAK, and the Royal Malaysian Police. Servers hosting the Rydox marketplace in Kuala Lumpur, Malaysia, were seized, and approximately $225,000 in cryptocurrency linked to the defendants was confiscated. The website’s domain, www.Rydox.cc, now displays a federal seizure notice.
Ardit and Jetmir Kutleshi face multiple charges, including identity theft, access device fraud, and money laundering. Convictions could result in up to 20 years in prison for money laundering alone, with additional penalties for other charges. A federal district court judge will determine sentencing.
