How the DOJ Cracked Down on Cybercrime Websites Selling Data and DDoS Attacks


Cybercrime is a global threat that affects millions of people and businesses every year. Cybercriminals use various methods to steal personal information, disrupt online services, and extort money from their victims. One of the ways they do this is by using websites that sell stolen data and offer DDoS attacks for hire.

However, the U.S. Department of Justice (DoJ) is not letting them get away with it. On Wednesday, June 2, 2022, the DoJ announced the seizure of three web domains that were used for cybercrime activities. These domains are:

  • weleakinfo[.]to
  • ipstress[.]in
  • ovh-booter[.]com

These websites were part of a larger network of cybercrime marketplaces that operated across the world. They enabled cybercriminals to access and trade stolen personal information and launch DDoS attacks on their targets.

What were these websites doing?

Weleakinfo[.]to was a website that sold access to a database of personal information that was obtained from over 10,000 data breaches. The database contained seven billion records, including names, email addresses, usernames, phone numbers, and passwords for online accounts. Users could search the database by various criteria and download the results for a fee. The website also offered a subscription service that allowed users to access the database for a certain period of time.

Ipstress[.]in and ovh-booter[.]com were websites that offered DDoS attacks for hire. DDoS attacks are cyberattacks that overload a website or a network with a large amount of traffic, making it slow or unavailable for legitimate users. Users could pay these websites to launch DDoS attacks on any target they wanted, such as a competitor, a rival, or a critic. The websites claimed to have powerful servers and networks that could generate a high volume of traffic and bypass security measures.

How did the DOJ seize these domains?

The seizure of these domains was the result of a joint operation by the Federal Bureau of Investigation (FBI), the U.S. Attorney’s Office for the District of Columbia, and the DoJ’s Computer Crime and Intellectual Property Section. The operation also involved cooperation from law enforcement authorities from Belgium and the Netherlands, where some of the servers hosting these websites were located.

The operation was based on a court order that authorized the seizure of the domains under the federal forfeiture law. The law allows the government to seize property that is used to commit or facilitate criminal activity. The court order also authorized the FBI to redirect the traffic from these domains to a webpage that displays a seizure notice.

The seizure notice informs the visitors that the domain has been seized by the FBI and warns them that accessing or using the website may be illegal. The notice also provides information on how to report cybercrime to the FBI and how to protect oneself from identity theft and fraud.

What are the consequences of this seizure?

The seizure of these domains is a significant blow to the cybercrime ecosystem. It disrupts the operations of these websites and prevents them from providing their services to cybercriminals. It also deprives them of their revenue and exposes their customers and suppliers to legal risks.

The seizure also sends a strong message to the cybercrime community that the U.S. government is determined to fight cybercrime and protect its citizens and businesses from online threats. It demonstrates the effectiveness of international collaboration and coordination in combating cybercrime. It also raises awareness among the public about the dangers of cybercrime and the importance of cybersecurity.

The DoJ stated that the seizure of these domains is part of its ongoing efforts to disrupt and dismantle cybercrime networks and websites. The DoJ also urged the public to report any suspicious or illegal online activity to the FBI at www.ic3.gov.
