FBI Seizes ‘SSNDOB’ ID Theft Service for Selling Personal Data of 24 Million People

On Tuesday, the Department of Justice (DoJ) announced that an illegal online marketplace called SSNDOB was dismantled in an operation led by U.S. law enforcement agencies.

SSNDOB take down

SSNDOB trafficked in personal data such as names, dates of birth, credit card numbers, as well as Social Security numbers of roughly 24 million people in the U.S., producing its operators $19 million in sales revenue.

The activity saw the seizure of several domains connected with the marketplace– ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz– together with authorities from Cyprus and Latvia.

SSNDOB’s Bitcoin payment processing system has actually received almost $22 million worth of Bitcoin throughout over 100,000 transactions since April 2015, according to blockchain analytics firm Chainalysis.

Furthermore, bitcoin transfers of more than $100,000 have actually been discovered between SSNDOB and Joker’s Stash, a darknet market specializing in stolen credit card data and voluntarily closed shop in January 2021, showing a close relationship between both criminal storefronts.

“The SSNDOB administrators made advertisements on dark web criminal forums for the Marketplace’s services, offered customer support functions, as well as consistently kept track of the activities of the websites, including monitoring when people deposited money into their accounts,” the DoJ stated in a statement.

Furthermore, the cybercriminal actors are believed to have actually used tactics to conceal their true identities, including using anonymous online profiles, keeping servers in different countries, and needing potential buyers to utilize cryptocurrencies.

“Identity theft can have a disastrous effect on a victim’s long-term emotional and financial health,” said Darrell Waldon, special agent in charge of IRS-CI Washington, D.C. Field Office. “Taking down the SSNDOB website interrupted ID theft criminals and assisted millions of Americans whose personal details was compromised”.

A victory for cybersecurity

The takedown marks the ongoing ramping up of efforts on the part of law enforcement agencies around the world to obstruct malicious cyber activity.

Last week, Europol publicized the closed down of the FluBot Android banking trojan, while the Justice Department said it confiscated three domains utilized by cybercriminals to trade stolen personal details and facilitate distributed denial-of-service (DDoS) attacks for hire.

Furthermore, earlier this year, the Federal Bureau of Investigation (FBI) also neutralized a modular botnet called Cyclops Blink and took down RaidForums, a hacking forum infamous for selling access to hacked personal details belonging to users.

In a related development, the U.S. Treasury Department likewise sanctioned Hydra after German law enforcement authorities disrupted the globe’s biggest and longest-running dark web marketplace in April 2022.

Read the original article on The Hacker News.

Read more: BE CAUTIOUS: Delete These Two Google Play Store Malware-Ridden Apps If You Have Them.