In coordination with International Law enforcement authorities, Portuguese conducted an investigation and successfully seized the website selling login credentials and PII addresses of over 5.85 million people.
The United States law enforcement agencies also reported that they have seized four domains of an online marketplace associated with the online shop, named ‘wt1store.cc’, ‘wt1shop.net’, wt1store.com’, and ‘wt1store.net’.
A federal agency had charged Nicolai Colesnicov, 36, of the Republic of Moldova, with operating wt1shop to facilitate the selling of stolen credentials and PII.
Following the incident, the U.S. Justice Department (DoJ) stated that the agencies seized approximately 25,000 scanned driver’s licenses/passports, 1.7 million login credentials for various online shops, 108,000 bank accounts, and 21,800 credit cards.
According to the documents, visitors of the illegal marketplace could purchase the stolen data using Bitcoin. Around 2.4 million credentials had been sold on wt1shop, for total proceeds of $4 million. Also, the online market had a forum that could be accessed by the customers.
The data that was sold was for online retailers, PayPal accounts, financial institutions, and email accounts. Other credentials were for remote access to computers, servers, and other appliances Additionally, a person visiting the website to buy stolen credentials can also purchase the credit card accounts of that victim.
U.S. Attorney Brit Featherston said that “This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts. Cyber-criminals are lurking behind the glow of computer screens and are harming Americans. These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people. To those who dedicate their lives to stopping cyber-criminals, we thank you.”
Earlier this year, the Department of Justice along with other international authorities had announced that they had seized Slilpp, the largest site for stolen credentials on the Dark Web. The site had data of 80 million users from 1,400 service providers.
Also, on March 16, 2022, a federal grand jury put Igor Dekhtyarchuk, a Russian citizen, on trial for running a cyber-criminal marketplace that stole and sold thousands of login credentials, authentication tools, and Personally Identifiable Information.
Read the full article here