January 17, 2020

WeLeakInfo taken down by FBI to halt password selling

By Robert Scammell

The FBI has seized the domain of WeLeakInfo.com, a website that claimed to have more than 12 billion user records on sale that had been exposed in data breaches.

For as little as $2 per day, hackers could search the name, email or username of a person and be presented with any data that had been leaked about them.

In some cases, this included cleartext passwords, which cybercriminals could use in the hope that their target had reused the same password across multiple accounts, known as credential stuffing.

While the site purported to be a genuine tool for security researchers, law enforcement deemed it illegitimate.

A multinational effort saw WeLeakInfo taken down by the FBI, NCA, Politie, Department of Justice, Police Service of Northern Ireland and Bundeskriminalamt.

WeLeakInfo one of many sites selling passwords

The domain was seized by the authorities on 15 January, with visitors to the site now met with a notice stating:

“The domain for WeLeakInfo has been seized by the Federal Bureau of Investigation pursuant to a seizure warrant issued by the United States District Court for the District of Colombia.”

weleakinfo seized

Visitors to the domain are now greeted by this notice.

On Wednesday police in the Netherlands and Northern Island arrested two 22-year-old men believed to be connected to WeLeakInfo.

The site, which aggregated data from more than 10,000 breaches, is not the only one to offer such a service.

“This site is one of many offering a similar service on the dark web so even with this site out of action, this is by no means the last of it,” said Jake Moore, cybersecurity specialist at ESET.

Robert Ramsden-Board, VP EMEA at Securonix, said:

“The internet is far-reaching; therefore, cybercrime and its impact on businesses and individuals is rarely contained within one nation. So, collaboration between the US, UK and other nations’ law enforcement organisations is a critical step towards effectively tackling cybercrime.”

Moore recommended that users do not use predictable or simple passwords across multiple accounts:

“My advice is to use a password manager to store your uniquely different passwords robustly online so you don’t have to remember them all. Implementing 2FA will also help reduce this risk even if your password is compromised.”

Read more: Exclusive: Production company data breach exposes personal data of Dove ‘real people’ ad participants

Verdict deals analysis methodology

This analysis considers only announced and completed deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: