The U.S. Department of Justice (DoJ) on Wednesday announced[1]
the seizure of three domains used by cybercriminals to trade stolen
personal information and facilitate distributed denial-of-service
(DDoS) attacks for hire.
This includes weleakinfo[.]to, ipstress[.]in, and
ovh-booter[.]com, the former of which allowed its users to traffic
hacked personal data and offered a searchable database containing
illegally amassed information obtained from over 10,000 data
breaches.
The database consisted of seven billion indexed records
featuring names, email addresses, usernames, phone numbers, and
passwords for online accounts that could be accessed through
different subscription tiers.
The shutdown of weleakinfo[.]to comes more than two years after
a related internet domain named weleakinfo[.]com was confiscated in January 2020[2], with law enforcement
officials arresting 21 individuals in connection to the operation
later that year. Last May, one of its operators was sentenced[3]
to two years in prison.
The other two domains — ipstress[.]in and ovh-booter[.]com —
offered to conduct DDoS services for their clients. DDoS attacks
are carried out by flooding a targeted web resource with junk
traffic with the goal of rendering it inaccessible to legitimate
users of the service.
The “comprehensive law enforcement action” involved the Federal
Bureau of Investigation (FBI), the U.S. Attorney’s Office for the
District of Columbia, and the DoJ’s Computer Crime and Intellectual
Property Section in coordination with authorities from Belgium and
the Netherlands.
“These seizures are prime examples of the ongoing actions the
FBI and our international partners are undertaking to disrupt
malicious cyber activity,” said FBI Special Agent in Charge, Wayne
A. Jacobs, said.
“Disrupting malicious DDoS operations and dismantling websites
that facilitate the theft and sale of stolen personal information
is a priority for the FBI.”
References
Read more https://thehackernews.com/2022/06/doj-seizes-3-web-domains-used-to-sell.html