now browsing by tag
#cybersecurity | #infosec | WeLeakInfo, the site which sold access to passwords stolen in data breaches, is brought down by the FBI
Law enforcement agencies have seized control of the domain of WeLeakInfo, a website offering cheap access to billions of personal credentials stolen from approximately 10,000 data breaches.
For as little as $2 per day, anyone could search the controversial website’s database of records and in many instances extract names, email addresses, phone numbers, and passwords. These passwords could then be used by unscrupulous hackers to break into other accounts where users had made the mistake of reusing the same credentials.
With the seizure of the WeLeakInfo.com domain, the website’s operations are effectively suspended.
Visitors to the WeLeakInfo.com website are now greeted by a message from the various law enforcement agencies who have been investigating the website’s activities.
A 22-year-old man was arrested by police on Wednesday in Fintona, County Tyrone, Northern Ireland, in connection with the website, and another 22-year-old male has been arrested by East Netherland Cyber Crime Unit (Politie) in Arnhem.
According to an NCA press release, the two individuals are suspected by police of having made profits in excess of £200,000 from the site.
Prosecutors are likely to argue that those behind the website were profiting from the unlawful sale of stolen data, and assisting third-parties in also accessing sensitive details.
It’s important to recognise that there is a clear difference between the likes of WeLeakInfo and legitimate services like Troy Hunt’s HaveIBeenPwned.
WeLeakInfo allowed anyone to scoop up the passwords of those involved in a data breach, meaning they could be used in future security breaches.
HaveIBeenPwned, on the other hand, doesn’t store or share anybody’s password – instead the service, which I heartily recommend individuals and organisations sign up for, informs you if your email address has been included in a data breach. And that’s it. The onus is then on you to take steps to protect yourself (which may mean resetting passwords, and ensuring that you are not using the password you use on the hacked website anywhere else).
Authorities say they continue to investigate WeLeakInfo, and one can’t help but wonder if there will be more arrests if the site’s customer details are extracted from the seized infrastructure.
View full post on National Cyber Security
Search engine for leaked passwords shut down
Police have seized WeLeakInfo.com, an online service that turned selling access to data exposed by breaches into a business.
The site offered subscription-based access to billions of compromised user login credentials, essentially offering a search engine for breached personal data including names, email addresses, phone numbers, IP address, and passwords.
A joint law enforcement action led by the UK’s National Crime Agency (NCA), in collaboration with international law enforcement partners including the FBI and the East Netherland Cyber Crime Unit (Politie), has led to the seizure of the domain and the arrest of two suspects.
A 22-year-old male was arrested in Fintona, Northern Ireland by the country’s police service on suspicion of fraud and serious crime offences before being released on bail, pending further inquiries.
Another man, also 22, was arrested in Vriendin, The Netherlands, by Dutch authorities.
Neither suspect has been named but police allege the duo made £200,000 ($261,000) through the dodgy site they ran together.
The pair became suspects after police traced online payments for hosting and other services linked to the site back to IP addresses used by the two men.
Police also established “links between the purchase of cybercrime tools, such as remote access Trojans (RATs) and cryptors, and weleakinfo.com.”
Robert Ramsden-Board, VP EMEA at Securonix, commented in a press release: “Weleakinfo.com was a useful resource for threat actors.
“Hackers could perform unlimited searches for exposed data for as little as $2 a day.
“Hence, providing them with all the information they would need, such as exposed usernames and passwords, to be able to perform credential stuffing attacks and phishing attacks.”
The FBI took ownership of the WeLeakInfo.com domain name and added a notice stating it was seized.
Prior to the takedown, police allege that the site hosted credentials taken from around 10,000 data breaches. The details were used in subsequent cyber-attacks in an unspecified number of cases.
Although WeLeakInfo.com has been taken out of commission, other similar services exist and may well expand to fill the gap in the market occasioned by a rival’s takedown.
In a blog post, security industry veteran Graham Cluley explains the difference between WeLeakInfo and legitimate services like Troy Hunt’s HaveIBeenPwned. The latter only offers warnings – free of charge – that a person’s email address and associated info has been part of a breach without ever storing or offering access to passwords.
YOU MIGHT ALSO LIKE Massive stolen credit card sale features 1.3 mostly Indian records
The post #hacking | International police arrest two after WeLeakInfo takedown appeared first on National Cyber Security.
View full post on National Cyber Security