Website Puts 12 Billion User Records Up For Sale and Gets Seized By US Authorities


Are you fond of buying stolen'/leaked data? Because, one such domain, named ‘WeLeakInfo.com’ recently got seized by the US authorities.

WeLeakInfo, with its absolutely convenient name, had been selling stolen data from other hacked websites, online for the past three years.

The website provided an online service where hacked data was made available to people willing to pay for it.

Per sources, hackers were made available people’s “cleartext passwords” which aided them to purchase a subscription on the site in order to attain access to tons of user credentials.

Apparently, this illegal website was doing so well that it had gotten quite a popular fan-base for itself in the hacking “underworld”.

Reportedly, people were even providing them with consignments to execute recon on targeted individuals and organizations alike.

The modus operandi was in the way, that hackers would buy access to the site. They’d then search for names, emails and usernames of people they want to hack. The site would come up with results in the affirmative as to in which data breaches exactly were the required user’s data available.

The hackers would then have complete access to people’s passwords which they could easily run against that person’s other online profiles as well.

The cost of the website was incredibly low making it easily accessible to all sorts of hackers of all sorts of abilities and financial attributes.

Reportedly, for a lowly amount of $2/day hackers could fully wring the website for unlimited searches for any user’s data which was ever in a data breach.

During the silence before the storm period, WeLeakInfo was proudly flaunting on its website its expanded network of over 12 billion user records owing it to more than 10,000 data breaches, reports mentioned.

The storm hit and WeLeakInfo got taken down together by FBI, authorities from the Netherlands, Northern Ireland, the UK, and Germany.
Also, per sources, two arrests were made in the Netherlands and Northern Ireland each. Reportedly, the arrested suspects are allegedly staff members of the site.

After the US authorities took down “LeakedSource” in February 2017, “WeLeakInfo happens to be the second most major website to go down the same drain.

There still exist several websites that are providing people access to stolen data especially cleartext password, as you read this.

Per sources, similar websites, allegedly by the name of “Detached”, “Leak-Lookup” and “Sunbase” have been created on the model of a website “Have I Been Pwned” which is a website created by Australian researchers, per reports.

The model of the three websites and “Have I Been Pwned” may be the same but the latter never permits access to cleartext passwords.



from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/376R3fE