Feds seize SSNDOB marketplace that listed personal data of 24 million people



Seizure notice on ssndob.ws.

Federal law enforcement agencies say they shut down a group of websites that made over $19 million selling Social Security numbers and other personal data.

A Justice Department press release yesterday announced “the seizure of the SSNDOB Marketplace, a series of websites that operated for years and were used to sell personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States.” SSNDOB apparently operated for about a decade, and the Justice Department said it listed the personal information of about 24 million US residents.

The announcement described how the SSNDOB operation was run:

The SSNDOB administrators created advertisements on darkweb criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts. The administrators also employed various techniques to protect their anonymity and to thwart detection of their activities, including using online monikers that were distinct from their true identities, strategically maintaining servers in various countries, and requiring buyers to use digital payment methods, such as bitcoin.

Seizure orders

The seizure operation was led by the IRS and FBI, with the agencies working in “close cooperation with law enforcement authorities in Cyprus and Latvia.” On Tuesday, “seizure orders were executed against the domain names of the SSNDOB Marketplace (ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz), effectively ceasing the website’s operation,” the announcement said.

No arrests were announced, but the press release said the US plans to conduct asset forfeiture as the investigation continues. The IRS said agents “will continue to work with the US and international law enforcement community to end these complex scams, regardless of where the money trail leads them.”

The seized domains appear to be part of the same operation as one detailed by security journalist Brian Krebs about nine years ago. In September 2013, Krebs wrote that SSNDOB “has for the past two years marketed itself on underground cybercrime forums as a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any US resident.” Krebs was swatted shortly after one of his articles on SSNDOB, which used the ssndob.ru domain at the time.

SSNDOB operators obtained their data partly by infiltrating LexisNexis, Dun & Bradstreet, and Kroll Background America. Hackers used data from SSNDOB to gain control of Xbox Live accounts held by some Microsoft employees, according to another Krebs report in 2013.

As security company Sophos noted in a story on yesterday’s shutdown, “an SSN doesn’t actively identify you,” but “knowing someone’s SSN (or the equivalent personal identifier in your country) is a good starting point if you’re an identity thief, because it can often be combined with other personal information to get past identity checks.”

SSNDOB was big on bitcoin

Security company Chainalysis, which markets “investigation software that connects cryptocurrency transactions to real-world entities,” wrote that “SSNDOB’s Bitcoin payment processing system has been active since April 2015” and “has received nearly $22 million worth of Bitcoin across over 100,000 transactions.”

“Perhaps most interesting of all though is the activity we see between SSNDOB and Joker’s Stash, a large darknet market focused on stolen credit card information and other PII that shut down in January 2021,” Chainalysis wrote. “Between December 2018 and June 2019, SSNDOB sent over $100,000 worth of Bitcoin to Joker’s Stash, suggesting the two markets may have had some relationship to one another, including possibly shared ownership.”

Chainalysis also wrote that the SSNDOB shutdown is “the latest in a string of darknet market closures over the past year. … Time and again, illicit businesses that embrace cryptocurrency have opened themselves up to law enforcement scrutiny and been shut down, largely thanks to the inherent transparency of blockchains.”


