A Kazakhstani and a Russian Indicted in the US for Operating Dark Web Marketplaces

Published on September 10, 2024
Written by:
Lore Apostol
Lore Apostol
Infosec Writer & Editor
Image generated by Copilot

The U.S. indicted Alex Khodyrev, 35, from Kazakhstan, and Pavel Kublitskii, 37, from Russia, on charges of operating dark web marketplaces that facilitated the trading of stolen personal, payment card, and banking information. They face charges of access device fraud and wire fraud conspiracy, and each faces a maximum penalty of 20 years in federal prison if convicted on all accounts. 

According to the indictment, Khodyrev and Kublitskii were at the helm of WWH Club (wwh-club.ws) and several associated dark websites from 2014 to 2024. 

Both Khodyrev and Kublitskii had been residing in Miami for the past two years, continuing to manage the dark web sites until their arrest and subsequent indictment. 

These platforms functioned as marketplaces, forums, and training hubs, enabling users to engage in the sale and purchase of sensitive information, including personal identifying information (PII), card details, and banking credentials.

Members of these sites also used the forums to exchange techniques for conducting cyberattacks, committing fraud, and evading law enforcement. Notably, the WWH Club offered courses on executing fraudulent activities, highlighting its role as a comprehensive resource for cybercriminals.

The indictment alleges that Khodyrev, Kublitskii, and their associates profited from these dark web operations through membership fees, advertising revenue, and tuition fees. By 2023, the WWH Club boasted approximately 353,000 users worldwide.

Furthermore, the US intends to forfeit assets linked to the offenses, including a 2023 Mercedes-Benz G63 AMG and a 2020 Cadillac CT5 Sport sedan, both reportedly traceable to the proceeds of their illegal activities.

The U.S. Department of Justice (DoJ) charged a Russian civilian with conspiracy to infiltrate and destroy Ukrainian government computer systems via data-destroying malware known as WhisperGate in January 2022, a hacking effort by Russia before the Federation’s illegal invasion of Ukraine in February 2022.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: