Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
threatpostTara SealsTHREATPOST:3D6A5E941AEA9BC7139452558412C5EA
HistoryJan 17, 2020 - 9:46 p.m.

Feds Cut Off Access to Billions of Breached Records with Site Takedown

2020-01-1721:46:14
Tara Seals
threatpost.com
65
JSON

The feds and international law enforcement have taken down a website that was selling access to billions of stolen personal records.

The FBI and the Department of Justice said on Thursday that they, in conjunction with the Dutch police, the United Kingdom’s National Crime Agency and Germany’s Bundeskriminalamt, have seized the internet domain name “weleakinfo.com,” effectively suspending its operations. Separately, in conjunction with the case, the Oost-Nederland police arrested a 22-year-old in Arnhem, Netherlands; and, a 22-year-old man in Northern Ireland was also taken into custody, according to local reports.

However, the authorities are still on the hunt for any other suspected operators and owners of the site, and are asking for information as to their whereabouts via the FBI’s Internet Crime Complaint Center (IC3).

WeLeakInfo, despite its name, marketed itself as a legitimate data-breach notification company; it provided subscription services where users could sign up for one-day trial for $2, a week for $7, a month for $25 or three months for $70. Users would gain access to a search engine, used for perusing more than 12 billion personal records gleaned from 10,000 different data breaches. The records contained the usual cybercrime goodies: Names, email addresses, usernames, phone numbers and passwords for online accounts, according to the DoJ. However, it’s self-description on Twitter gives a more altruistic spin on its wares, framing itself as a HaveIBeenPwnd-like service: “Have your passwords been compromised? Find out by searching through over 12 billion records and 10,000 data breaches.”

The site itself seemed blindsided by the action, judging from this tweet:

> [status] Investigating: We are currently investigating this issue. <https://t.co/9vzK4O49gw&gt;
>
> — We Leak Info (@weleakinfo) January 15, 2020

Site users meanwhile at first didn’t believe the action was real:

> This is a Fake. The same picture was used as April Fool’s Day.
>
> — Akt Veron (@AktVeron) January 16, 2020

And many have taken to the Twitterverse to complain that their subscriptions just started and to request refunds:

> UHM, I had like 18 days left. pls help111111
>
> — Twin Turbo 🔰 (@Turbskii) January 16, 2020

“With execution of the warrant, the seized domain name – weleakinfo.com – is now in the custody of the federal government,” according to the FBI’s notice. “Visitors to the site will now find a seizure banner that notifies them that the domain name has been seized by federal authorities.”

_Concerned about mobile security? _Check out our free Threatpost webinar,_Top 8 Best Practices for Mobile App Security, on Jan. 22 at 2 p.m. ET. _Poorly secured apps can lead to malware, data breaches and legal/regulatory trouble. Join our experts from_Secureworks and White Ops to discuss the secrets of building a secure mobile strategy, one app at a time. _Click here to register.

JSON