
U.S. Agencies Seize Domains Employed for Selling Credentials

 

Earlier this week, the U.S. Department of Justice and the FBI announced that they seized three domains used to sell compromised personal information and to launch cyber assaults on victim networks.

The specific domains seized were weleakinfo.to, ipstress.in, and ovh-booter.com — the first of which allowed its users to traffic compromised personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches. The other two domains offered DDoS-for-hire services to their users. 

The domains were taken down as part of an international investigation, in which the National Police Corps of the Netherlands and the Federal Police of Belgium arrested the primary suspect, searched several locations, and seized the underlying infrastructure. 

The weleakinfo.to domain offered access to seven billion records containing private data such as names, phone numbers, usernames, email addresses, and passwords. 

The seizure of this domain comes roughly two years after the FBI and the US Department of Justice took control of the internet domain name weleakinfo.com, which offered identical services. 

"Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information and sites which attack and disrupt legitimate internet businesses," stated Matthew M. Graves, U.S. Attorney for the District of Columbia. "With the execution of the warrant, the seized domain names – weleakinfo.to and the related domains – are now in the federal government's custody, effectively suspending the website's operation."

"Cybercrime often crosses national borders. Using strong working relationships with our international law enforcement partners, we will address crimes like these that threaten privacy, security, and commerce around the globe."

According to the DOJ, it remains unclear how long the weleakinfo.to domain was in operation. Still, the website developed a reputation for selling names, email addresses, usernames, phone numbers, and passwords for online accounts to cybercriminals, who would buy a subscription for a period of one day, one week, one month, three months, or a lifetime.

Two years ago, in January 2020, the FBI and the US DOJ announced the seizure of the WeLeakInfo.com domain, which was used in similar cybercrime activity. Like WeLeakInfo.to, it offered subscriptions, allowing customers to search 12 billion indexed records for specific information exposed in thousands of data breaches.