The U.S. Department of Justice (DoJ) confirmed seizing three domains used by cybercriminals to sell stolen personal data and facilitate DDoS-for-hire services.
It has been just a couple of months since the authorities seized the infamous cybercrime portal Raidforums and arrested its alleged owner, Diogo Santos Coelho. Now, in a press release, the DoJ and the FBI announced the seizure of three domains (weleakinfo.to, ipstress.in, and ovh-booter.com) that cybercriminals used for trading stolen personal information and offering DDoS-for-hire services.
The seizure results from an international investigation into sites/domains that allowed users to purchase access to stolen data and target victim networks with distributed denial-of-service (DDoS) attacks.
Matthew M. Graves, the U.S. Attorney for the District of Columbia, and Wayne A. Jacobs, Special Agent in Charge of the FBI Washington Field Office's Criminal and Cyber Division, made the announcement.
Details of Seized Domains
According to the DoJ press release issued on May 31st, 2022, the Weleakinfo website offered visitors a searchable database containing stolen information collected from over 10,000 data breaches. Moreover, it allowed users to trade hacked personal data, which the agency described as a website trafficking in stolen private data.
The site also sold subscriptions to enable users to access the results of these data breaches. Subscriptions provided unlimited searches and access and were offered for 1 day, 1 week, 1 month, 3 months, and even for a lifetime.
The other two domains offered DDoS-for-hire services to their clients. Visitors to these domains now see a seizure banner notifying them that federal authorities have seized the domains after issuing a seizure warrant. The seized domains are currently under the U.S. federal government's control, and their operations stand suspended.
What Data Was Available for Trading?
The database comprised 7 billion indexed records, including names, usernames, email addresses, passwords for online accounts, and phone numbers.
“Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information and sites which attack and disrupt legitimate internet businesses.”
U.S. Attorney Matthew Graves
Special Agent Charles Jacobs noted that the seizure of these websites is a “prime example” of the extent of the actions the FBI and other intelligence agencies are undertaking to disrupt “malicious cyber activity.”
The investigation involved the DoJ’s Computer Crime and Intellectual Property Section, the FBI, the U.S. Attorney’s Office for the District of Columbia, the National Police Corps of the Netherlands, and Belgium’s Federal Police.