The Federal Bureau of Investigation (FBI) dismantled an underground market used to sell personally identifiable information about US citizens.

Along with the Department of Justice (DoJ), the Internal Revenue Service (IRS) and the Cyprus Police Force, the law enforcement agency seized servers belonging to SSNDOB, the marketplace that allegedly housed enough information to steal the identities (opens in new tab ) of 24 million US citizens.

The information included names, dates of birth, and social security numbers, and could be purchased for bitcoin.

Four different domains were taken, the agencies said, including ssndob.ws, ssndob.vip, ssndob.club and blackjob.biz. Apparently, the site has had several "mirrors" to help with possible Distributed Denial of Service (DDoS) attacks. The operation generated €19 million in revenue for its owners, the Justice Department said in a press release, even though a data set costs just €0,50.

Chainalysis, a blockchain analytics firm, says it has tracked $22 million worth of bitcoins paid to SSNDOB since April 2015, and some people were buying the data in bulk, spending up to $100 at a time. They would use the acquired data to mount second-stage attacks or distribute viruses (opens in a new tab), sometimes against people whose identities were stolen, and sometimes against third parties.

Speaking to BleepingComputer, cybersecurity firm Advanced Intel said the data was obtained through data breaches in the healthcare sector.

Investigators also discovered that SSNDOB was linked in some way to Joker's Stash, the oldest stolen payment card store that ended its services early last year.

The company said that between December 2018 and June 2019, SSNDOB sent more than €100,000 worth of bitcoin to Joker's Stash.

Joker's Stash closed on its own, the post recalls, but the fact remains that it was under immense pressure from law enforcement, Covid-19 disruptions and quality erosion.

Via: BleepingComputer (Opens in a new tab)

Share This