Skip to main content
Press Release

Operator Of Alleged Cybercrime Marketplace Extradited To The United States To Face Charges

For Immediate Release
U.S. Attorney's Office, Eastern District of New York
“Codeshop” Website Sold Troves of Stolen Credit Card Data and Bank Account Logins on the Black Market from 2010 to 2014

On Friday, May 20, 2016, a complaint was unsealed in Brooklyn federal court charging Djevair Ametovski, a Macedonian citizen also known as “codeshop,” “sindrom,” and “sindromx,” with crimes related to his operation of the website, a website allegedly created for the sole purpose of selling illegally obtained credit and debit card data and personal identification information for financial gain.  The charges include aggravated identity theft, access device fraud conspiracy, and wire fraud conspiracy.  The defendant is scheduled to be arraigned at 11 a.m. tomorrow, May 21, 2016, before United States Magistrate Judge Roanne L. Mann at the U.S. Courthouse, 225 Cadman Plaza East, Brooklyn, New York.

The charges were announced by Robert L. Capers, United States Attorney for the Eastern District of New York, and David E. Beach, Special Agent in Charge, United States Secret Service, New York Field Office.

“Cybercriminals who create and operate online criminal marketplaces in which innocent victims’ financial and personal information are bought and sold erode consumer trust in modern-day payment systems and cause millions of dollars in losses to financial institutions and unsuspecting individuals.  Today marks a major step in bringing the alleged operator of one such criminal marketplace to justice, and should serve as a warning to others who seek to profit from perpetuating these fraudulent schemes,” stated United States Attorney Capers.  Mr. Capers cited the extraordinary efforts of the Secret Service, the agency responsible for leading the government’s investigation, and also thanked the Slovenian Ministry of the Interior and Ministry of Justice, for their assistance in the investigation and effecting the defendant’s extradition, the United States Marshals Service, for their assistance in transporting the defendant to the United States, and the U.S. Department of State Regional Security Officers in Slovenia and the Netherlands, for their assistance in facilitating the defendant’s extradition.   

“Today’s extradition of alleged cybercriminal Djevair Ametovski from Central Europe is the culmination of a seven-year investigation and demonstrates the relentless pursuit by the Secret Service and its international partners to bring cybercriminals to justice.  Multinational cyber investigations require establishing critical partnerships with our international law enforcement partners.  The immeasurable assistance provided to our New York Electronic Crimes Task Force by the Slovenian Authorities in this case illustrates that our investigative reach will continue to expand beyond the borders of the United States,” said Special Agent in Charge Beach of the United States Secret Service New York Field Office.

As detailed in the complaint, Ametovski obtained valuable data from hackers, who stole it from financial institutions and other businesses or from individuals using “phishing” tactics.[1]  Ametovski then sold the data on his website, a fully indexed and searchable website that allowed users to search through databases of stolen data by bank identification number, financial institution, country, state, and card brand to find the precise data that they wished to buy.  Individuals who bought data from the website generally used it to make online purchases and to encode plastic cards with the data and use the cards to withdraw cash at ATMs.  Ametovski used a network of online money exchangers and digital currencies to pay the hackers who fed him data and to receive payments from the website users who bought data in order to conceal all participants’ identities, including his own.  Over the course of the scheme, Ametovski obtained and sold credit and debit card data for more than 181,000 different cards.  In many instances, the data included personal details associated with the account holder, including email address, billing address, phone number, and account holder name.  The charged scheme resulted in millions of dollars in financial losses to thousands of victims around the world. 

Ametovski was arrested in Ljubljana, Slovenia, on January 22, 2014, and was extradited to the United States today.

The charges in the complaint are allegations, and the defendant is presumed innocent unless and until proven guilty.         

The government’s case is being handled by the Office’s National Security & Cybercrime Section.  Assistant United States Attorneys Una Dean, Saritha Komatireddy, and Hilary Jager are in charge of the prosecution.  Substantial assistance was provided by Marcus Busch of the Justice Department’s Office of International Affairs.


The Defendant:

Alias:  Codeshop, Sindrom, Sindromx
Age: 29
Nationality:  Macedonian E.D.N.Y. Docket No. 14 M 058



[1] “Phishing” is a common cyber fraud tactic that involves sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information.  In this case, such emails commonly directed users to visit a bogus website where they were asked to update personal information, such as passwords and credit card, social security, and bank account number previously provided to a legitimate organization.

Updated May 23, 2016

National Security