Algerian man extradited from Spain, charged with running cybercrime operation

As reported by CyberScoop, an Algerian national identified as Abdellah Belmili, also known online as “SPOX,” has been extradited from Spain to face charges in the U.S. for allegedly operating a significant cybercrime enterprise that defrauded thousands of victims and processed approximately $900,000 through cryptocurrency over a three-year period.

Belmili, 26, is accused of creating and managing illicit online marketplaces, market0day.com and spoxy.us, which sold tools for fraud, including financial credentials, phishing kits, and compromised server access. Transactions were exclusively in Bitcoin. The FBI's investigation began in September 2020 after a confidential source alerted them to the marketplaces. Undercover agents successfully purchased phishing kits and compromised server access.

Belmili allegedly used stolen identities to register new sites and embedded his personal information in early versions of his phishing kit code. Investigations revealed he used his personal email to research hacking tools and received approximately 1,400 emails containing stolen personal information from active phishing kits targeting major financial institutions like JPMorgan Chase, Bank of America, and Wells Fargo. He is also suspected of building backdoors into sold kits to continue harvesting data.

Approximately $900,000 was deposited into an account linked to Belmili between January 2020 and January 2023, with significant portions transferred or withdrawn. Investigators identified about 595 phishing kits created by Belmili, impacting roughly 5,600 victims globally.

Source: CyberScoop