Two arrests have been made in connection with an FBI-seized site that gave some 12 billion personal credentials to cybercriminals.
Following an international investigation, the online website WeLeakInfo was seized and shut down by the FBI on Jan. 15 after the agency found it sold private user data from 10,000 data breaches.
Two 22-year-old men from the Netherlands and Northern Ireland, believed to be heavily involved in the operation, were arrested last week.
One was arrested in the eastern Dutch city of Arnhem, after a police raid on his home, following a tip-off by a Dutch cybercrime unit working with Britain’s National Crime Agency, the FBI, and the German police.
“The suspect is involved in possessing and offering stolen usernames and passwords and has a facilitating role when it comes to cybercrime,” Dutch police said.
The second suspect was arrested in the town of Fintona on suspicion of fraud and serious criminal offenses, Dutch police said in a statement.
Police said professional equipment found during the Arnhem raid made it possible to sell the suspects’ offered services via WeLeakInfo.
The domain for WeLeakInfo has since been redirected to a notice of seizure (NOS), which reads: “This domain has been seized” by the FBI in conjunction with the other European law enforcement agencies.
The seized site allegedly contained billions of leaks and stolen passwords siphoned from around 10,300 breaches around the world, according to the U.S. Department of Justice. The stolen data includes information from popular websites and apps such as LinkedIn and MyFitnessPal.
The stolen information was organized into a searchable database that allowed users, who paid subscription fees starting from $2 a day, to look up someone’s email address. From there, users can access linked phone numbers, usernames, passwords, and IP addresses.
The site claimed its services were a legitimate method to carry out security research, reported Engadget.
“In theory, you could search hundreds or even thousands of leaked passwords to try and gain access to people’s emails, their social media, and other accounts,” the NOS said.
The siphoned data was then used in further cyberattacks in the U.S., Germany, and the UK, British authorities said.
The two suspects were also believed to have made over £200,000 ($261,000) from data sales on WeLeakInfo.
Dutch police said that the investigation, which began in August 2019, is still ongoing,
“For that reason, more specific information cannot be shared,” police said, reported NL Times.
Andrew Shorrock, senior investigating officer at the NCA, said the seized website had become an “extremely valuable” part of a cybercriminal toolkit.
“Cybercrime is a threat that crosses borders, and therefore, close international collaboration is crucial to tackling it,” he continued.
“These arrests have resulted in the seizure of the site’s data, which included 12 billion personal credentials, and so work is continuing by law enforcement to mitigate these and notify the sites that were breached,” he said.
AFP contributed to this report.
