The FBI has joined forces with the UK’s National Crime Agency (NCA) and other law enforcers to suspend a popular website that sells access to stolen data.
The WeLeakInfo[.]com domain was seized by the Feds after the District Court for the District of Columbia issued a warrant, although its administrators are still at large.
The site claimed to be focused on helping breached internet users discover whether their personal data had been compromised. However, by selling access to billions of records, it also provided a useful resource for cyber-criminals looking to launch credential stuffing, phishing and other attacks.
“The website had claimed to provide its users a search engine to review and obtain the personal information illegally obtained in over 10,000 data breaches containing over 12 billion indexed records – including, for example, names, email addresses, usernames, phone numbers, and passwords for online accounts,” a statement from the Department of Justice explained.
“The website sold subscriptions so that any user could access the results of these data breaches, with subscriptions providing unlimited searches and access during the subscription period (one day, one week, one month, or three months).”
The way it operated stood in contrast to the legitimate breach notification site HaveIBeenPwned, which only lets users know whether their accounts have been compromised, rather than providing access to troves of breached data.
Jake Moore, cybersecurity specialist at ESET, argued that hackers can do a great deal of damage even just with limited sets of breached emails and names.
“The big risk comes from brute force attacks, where criminals use common password combinations against emails to try and break into personal accounts,” he added.
“An incredibly large amount of people still use predictable or simple passwords. Many people's passwords are also readily available on the dark web, so it quickly and simply becomes an exercise in joining the dots for the cyber-criminals.”
The FBI is seeking any information on the owners and operators of WeLeakInfo.