US shuts down site for trading stolen passwords


The FBI has shut down a cybercriminal website for selling access to a staggering seven billion records of pilfered data, the Department of Justice announced.

The Bureau took the decision to shut down weleakinfo.to, along with affiliated domains ipstress.in and ovh-booter.com, after an international investigation found that they were trading in stolen personal credentials and facilitating cyberattacks.

“Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information, and sites which attack and disrupt legitimate internet businesses,” said US Attorney Matthew Graves of the District of Columbia.

“Cybercrime often crosses national borders,” he added, while praising police in Belgium and the Netherlands for their help in taking down the sites. “Using strong working relationships with our international law enforcement partners, we will address crimes like these that threaten privacy, security, and commerce around the globe.”

WeLeakInfo provided clients with a search engine that allowed them to browse its ill-gotten data haul, obtained in more than 10,000 breaches and including names, email addresses, passwords, and phone numbers. Cybercriminals paid for this service via subscription, ranging from one day in duration to lifetime membership.

The impounded domain name was indexed to Tonga, and is thought to have been a workaround adopted by the threat actors responsible for the original site, weleakinfo.com, shut down by the FBI and Department of Justice in 2020.

The websites IpStress and OvhBooter were also seized after it was found that their domain names referred to “stressor” and “booter” services, that is, distributed denial-of-service (DDoS) attacks offered at a price to clients, in which multiple internet devices flood a target site with traffic and force it to shut down. Often used by hacktivists, this tactic can also be employed by cybercriminals seeking to extort victims.

All three websites are now in the custody of the FBI, and visitors will find nothing more than a notification informing them that they have been impounded pursuant to a seizure warrant issued by the District of Columbia.
