WeLeakInfo.com claimed to be a source for customers to verify their compromised login credentials in data breaches. The website has more than 12 million records acquired from 10,000 data breaches.
Domain Name Seized
The domain was seized by the U.S. Department of Justice on Thursday and DoJ encourages users to share further information concerning weleakinfo.com or its owners and operators.
“To provide that information by filing a complaint (referencing #weleakinfo in the “Description of Incident” field) with the FBI’s Internet Crime Complaint Center (IC3) at https://www.ic3.gov/complaint/default.aspx.”
The seize is a part of joint operations between law enforcement between “FBI, the U.S. Attorney’s Office for the District of Columbia, and the Department of Justice’s Computer Crime and Intellectual Property Section, along with international law enforcement, including the United Kingdom’s National Crime Agency, the Netherlands National Police Corps, the German Bundeskriminalamt (the Federal Criminal Police Office of Germany), and the Police Service of Northern Ireland.”
Before a day of the website takedown, the Nederland police has arrested a 22-year-old man from Arnhem, on suspicion for offering more than 12 billion login credentials for sales on weleakinfo.com.
According to the DoJ report, the website has more than 12 billion indexed records including “names, email addresses, usernames, phone numbers, and passwords for online accounts.”
To access the results for users the website sold subscriptions, during the subscription the users have unlimited access to the database.
The website offers a free trial and as well as four plans that include one day, one week, one month, or three months. Here is the screenshot of the plans.
This type of service acts as a mine for attackers to gather information about the targets to launch a cyberattack.
Now the website has been seized and the users are directed seizure banner that notifies the website has been seized.