A man from Minneapolis, has been sentenced to five years in prison after purchasing nearly 2,500 stolen login credentials from a darknet marketplace as part of a scheme to obtain money under false pretenses. Authorities charged him with wire fraud and aggravated identity theft in connection with the operation.
The Fraudulent Scheme
The man charged, Andrew Shenkosky, purchased the stolen login credentials on Genesis Market throughout 2020. During that period, Shenkosky bought 2,468 stolen credentials linked to banks and other financial platforms and attempted to illegally withdraw funds from those accounts, often directing the money to his PayPal accounts. He also attempted to sell victims’ data on Raid Forums, a popular hacking forum that was later seized by authorities.
Genesis Market itself was seized by the FBI in 2023, which likely enabled investigators to conduct the operation that ultimately led to Shenkosky’s case. Authorities also uncovered that Shenkosky purchased his initial invite code to Genesis Market using cryptocurrency bought through a Coinbase account that had been opened using a stolen identity, although it is unclear whether or how this specifically helped investigators link the activity to him.
Indictment & Charges
Following an investigation by the FBI Cybercrime Unit and the FBI’s Minneapolis and Detroit Field Offices, Andrew Shenkosky was indicted by a grand jury in January 2025. He was charged with one count of aggravated identity theft, one count of possession of unauthorized access devices, and one count of trafficking in computer access information. After being found guilty, Shenkosky was sentenced to five years in prison.
OPSEC Mistakes Linger
The indictment may have come as a surprise to Andrew, especially considering how long ago the actions he was charged for took place. It highlights how operational security mistakes that expose a person’s identity or digital footprint can persist for years. When a marketplace is seized it often becomes a treasure trove of information for investigators, regardless of how secure it once claimed to be. In practice, any market, even those widely trusted by the community, can eventually provide information to authorities, which is why many people treat them cautiously and try to limit identifiable traces in their communications, payments, and overall digital activity.
0 Comments