US takes down illegal marketplace with personal data of 24 million people


A series of websites dubbed SSNDOB was used for trading the names, dates of birth, and Social Security numbers of Americans.

An international law enforcement operation took down the SSNDOB Marketplace, the Department of Justice (DoJ) announced. At the time of its seizure, the marketplace listed personal information of 24 million Americans and generated $19 million in sales revenue.

The operation was carried out by the FBI, the Internal Revenue Service, and the Department of Justice, with the help of the law enforcement in Cyprus and Latvia. The authorities seized four domain names that made up the SSNDOB Marketplace, ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz.

ADVERTISEMENT

The marketplace catered to the criminal underground, with SSNDOB administrators purchasing ads on the darkweb, providing customer support services, and regularly monitoring activities on all websites.

According to the DoJ, the administrators of the illegal marketplace were very cautious in protecting their identities. Threat actors used monikers to distance from their real identities, maintained servers in various countries, and only accepted digital payments.

Malicious actors can use data bought on SSNDOB for identity theft. Personally identifiable information (PII) allows setting up fake bank accounts, purchasing goods and services under stolen names, and hiding from law enforcement.

According to a report by blockchain analysis firm Chainalysis, SSNDOB users traded mostly in Bitcoin and Litecoin. Users were available to browse available PII by country and search for specific names or other characteristics.

Chainalysis claims that SSNDOBs Bitcoin payment processing system has been active since April 2015, and the service has receives nearly $22 million worth of Bitcoin across over 100,000 transactions.

“That works out to roughly $220 per transfer on average, and a median payment size of $80, which matches what we’d expect for individual purchases of PII,” reads the report.

Researchers noted that SSNDOB seems to have been related to another recently seized darknet marketplace that focused on stolen credit card information, Joker Stash.

ADVERTISEMENT

Transactions worth over $100,000 between SSNDOB and Joker Stash indicate the two may have had some relationship or even shared ownership.