Earlier today, in federal court in Brooklyn, Djevair Ametovski, a Macedonian citizen, was sentenced by United States District Judge Eric N. Vitaliano to 90 months imprisonment after previously pleading guilty to access device fraud and aggravated identity theft. Those crimes related to Ametovskis operation of ‘Codeshop,’ a website he created for the sole purpose of selling stolen credit and debit card data, bank account credentials and personal identification information.
Ametovski and his co-conspirators operated Codeshop between August 2010 and January 2014, victimizing hundreds of thousands of individuals around the world by hacking into the computer databases of financial institutions and other businesses and through ‘phishing’ scams designed to induce accountholders to unwittingly surrender private identification information. They packaged this stolen data for sale and posted it on the Codeshop website, a fully indexed and searchable website that allowed users to search by bank identification number, financial institution, country, state and card brand to find the data they wanted. The stolen data could then be used to make online purchases and to encode plastic cards to withdraw cash at ATMs. Ametovski used a network of online money exchangers and anonymous digital currencies, including Bitcoin, to reap revenues from the Codeshop website and to conceal all participants identities, including his own. Over the course of the scheme, Ametovski obtained and sold stolen credit and debit card data for more than 1.3 million cards. (Source: U.S. Department of Justice)