Site aggregated 12 billion usernames and passwords from over 10,00 0 breaches.
On Wednesday, cops in the Netherlands and Northern Ireland jailed 2 22- year-old males thought to be connected to WeLeakInfo, a site offering usernames and passwords from multiple information breaches for sale. At the same time, the Federal Bureau of Investigation, in coordination with the UK’s National Criminal offense Company, the Netherlands National Police Corps, the German Bundeskriminalamt, and the Authorities Service of Northern Ireland, removed the domain for the website, redirecting it to a seizure notice (revealed above).
In the beginning, some thought the takedown was merely a breach of the website itself– primarily because the FBI made the effort to include the website’s logo design to the takedown notice.
There’s a mess occurring over at We Drip Information because the other day. It appears like they got hacked, and someone threw up an FBI seizure page. The seizure notification doesn’t look legit.
… Not a great look for them … https://t.co/XGGIRaJKQk #WeLeakInfo #WLI pic.twitter.com/SUzaAQD8Pd
— Cypher (@CryptoCypher) January 16, 2020
But on Thursday afternoon, the Justice Department announced the takedown and put out a call for further details on WeLeakInfo and its operators. WeLeakInfo declared to have over 12 billion usernames and passwords from a collection of over 10,00 0 information breaches. Originally hosted at a Canadian hosting business’s data center when established in 2016, the domain was moved behind Cloudflare a day later. The site, initially marketed as “the most comprehensive private database search engine,” purported to be a legitimate tool for companies to carry out security research– even declaring to offer an application interface for performing bulk checks for breaches of business accounts.
However the website was declared to be offering more than simply breach warnings.
While the domain has been seized and computer systems connected to its operation were seized by Dutch cops, the fate of the site’s server remains unidentified.