Jan 20, 2020 15:00:00

A dark site that sold 12 billion passwords is arrested by the international police

by

stevanovicigor

The United States Department of Justice announced on January 16, 2020, that two operators of the personal information resale site ' WeLeakInfo ' have been arrested. WeLeakInfo, which was shut down as a result, reportedly sold over 12 billion pieces of information collected for more than 10,000 data breaches for only $ 2.

Weleakinfo.com: Site hosting stolen credentials taken down after international operation-National Crime Agency
https://www.nationalcrimeagency.gov.uk/news/weleakinfo-com-site-hosting-stolen-credentials-taken-down-after-international-operation

WeLeakInfo.com Domain Name Seized | USAO-DC | Department of Justice
https://www.justice.gov/usao-dc/pr/weleakinfocom-domain-name-seized

Twee verdachten aangehouden in onderzoek naar gestolen wachtwoorden | politie.nl
https://www.politie.nl/nieuws/2020/januari/17/02-twee-verdachten-aangehouden-in-cybercrimeonderzoek-naar-gestolen-wachtwoorden.html

Stolen creds site WeLeakInfo busted by multinational cop op for data reselling • The Register
https://www.theregister.co.uk/2020/01/17/weleakinfo_takedown_nca_fbi_operation/

At the time of writing the article, even if you access the WeLeakInfo site , you only see a message saying `` This domain has been seized '' and an image with the logo of the six investigating agencies displayed, and you can browse anything You can not.

However,

if we look at WeLeakInfo as of January 8 in the Internet Archive , 'Search the 12,415,528,536 records to see if you are safe! Total 10,368 information The leak has been indexed. 'And a search field. However, of course, if you enter a word in the search field, you will not get any search results.

Scroll down and you'll find information about the price courses for subscribing to WeLeakInfo and see that you can subscribe to the cheapest '24-hour trial course' for only $ 2 (about 220 yen).

WeLeakInfo's Twitter tweeted on January 15 that 'we are currently investigating the issue,' indicating that we were not able to figure out where the domain was seized by law enforcement.

[Status] Investigating:. We Are Currently Investigating This Issue Https://T.Co/9vzK4O49gw

— We Leak Info (@weleakinfo) January 15, 2020

According to a statement from the U.S. Department of Justice, the investigation involved a total of the ministry and the Federal Bureau of Investigation (FBI) , the UK's Critical Organized Crime (NCA) , the German Federal Criminal Service , the Dutch National Police , and the Northern Irish Police . Six investigative agencies participated.

Two suspects who operated WeLeakInfo were also identified and arrested. Netherlands National Police is the 'arrested the suspect 22-year-old living in the Gelderland provincial capital Arnhem, seized the equipment from the home of the suspect' in the January 17 announcement . Northern Ireland Police also tweeted that `` A search led by the UK's Severe Organized Crime Bureau closed the site used by criminals to obtain personal information and arrested a man living in Fintona in Northern Ireland 'And announced.

Website Providing Criminals A Access To Personal Credentials Has Been Shut Down Following An Investigation Led By The National Crime Agency (NCA), In Collaboration With International Law Enforcement Partners, Including PSNI. Fintona Man Arrested. Https://T.Co/4sPFjg9mcK Pic .twitter.com / F0DoUXEuoF

— Police Service NI (@PoliceServiceNI) January 18, 2020

According to the NCA, the suspects are both 22-year-old men who have earned more than £ 200,000 in total through the operation of WeLeakInfo. 'WeLeakInfo was an important part of the cybercriminals' toolkit, and the crimes involved multiple hackers in the event of a data breach,' said Andrew Shalock, a senior NCA investigator. Indicates that they were abusing password reuse on their site. '