The US Justice Department, IRS and FBI dismantled SSNDOB Marketplace, an illicit marketplace used by cybercriminals to buy stolen personal information.
SSNDOB, which has been around for years, offered for sale stolen personal data, including the names, dates of birth, email addresses, passwords, credit card numbers, and Social Security numbers of millions individuals. According to the DoJ, the marketplace has listed the personal information for approximately 24 million US citizens, and has made more than $19 million in revenue.
SSNDOB operated through a series of websites and was advertised via darkweb criminal forums. The SSNDOB administrators provided customer support functions, and employed various techniques to protect their anonymity and to thwart detection of their activities, the DoJ said.
According to cryptocurrency analysis firm Chainalysis, SSNDOB’s Bitcoin payment processing system has been active since April 2015. Since then, the service has received nearly $22 million worth of Bitcoin across over 100,000 transactions.
The researchers also found financial ties between SSNDOB and Joker’s Stash, one of the largest illicit credit card marketplaces shut down in February 2021. Between December 2018 and June 2019, SSNDOB sent over $100,000 worth of Bitcoin to Joker’s Stash, indicating that the two marketplaces may have had some sort of a relationship or, perhaps, the same owner.
In May, the FBI announced it seized the internet domains - weleakinfo[.]to, ipstress[.]in, and ovh-booter[.]com - that were used by threat actors to sell stolen personal information or conduct DDoS (distributed denial of service) attacks against victim networks.
