In 2020, the FBI seized the website ‘WeLeakInfo.com’, which was selling breached data to anyone for as little as $2. The site was in operation for over 3 years.
The website allowed anyone to see anybody’s plain-text passwords. Because of this, the website gained popularity in various hacking forums. Eventually, it gained the attention of the FBI and other law enforcement agencies as well.
Before the website was taken offline, it claimed to have over 12 billion records in its systems.
In the last 24 hours, things took an unanticipated turn: an actor in one of the hacking forums claimed to have registered one of the domains of WeLeakInfo. The domain is wli.design.
The domain was re-registered on March 11, 2021.
According to the actor, the WeLeakInfo operators used an email address on this domain for payments via Stripe. The actor claimed to have registered the domain and then recreated, on the newly registered domain, the email address used in their Stripe account.
After gaining access to WeLeakInfo’s Stripe account, the actor allegedly obtained their customers’ details (including email, address, partial card details, purchase history and others).
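For defenders, the same chain (a lapsed domain that still backs the contact email of a third-party account) can be checked for in your own estate. The sketch below is an added example, not part of the original report: the account inventory, domain names, dates and reason codes are all constructed, and the registration data is assumed to have been copied from WHOIS/RDAP records.

```python
from datetime import date, timedelta

TODAY = date(2021, 3, 15)  # constructed audit date

# Constructed inventory: third-party accounts and the mailbox that controls them.
ACCOUNTS = [
    {"service": "payments",  "email": "billing@old-brand.test",    "opened": date(2017, 6, 1)},
    {"service": "hosting",   "email": "ops@main-corp.test",        "opened": date(2016, 1, 5)},
    {"service": "analytics", "email": "admin@side-project.test",   "opened": date(2019, 9, 9)},
    {"service": "crm",       "email": "sales@stable-corp.test",    "opened": date(2018, 2, 2)},
    {"service": "dns",       "email": "hostmaster@promo-site.test", "opened": date(2018, 1, 1)},
]

# Constructed registration records (creation and expiry dates per domain).
DOMAINS = {
    "old-brand.test":   {"created": date(2021, 2, 20), "expires": date(2022, 2, 20)},
    "main-corp.test":   {"created": date(2010, 4, 1),  "expires": date(2021, 4, 10)},
    "stable-corp.test": {"created": date(2012, 7, 7),  "expires": date(2025, 7, 7)},
    "promo-site.test":  {"created": date(2017, 1, 1),  "expires": date(2021, 1, 1)},
}

def audit(accounts, domains, today, warn_days=60):
    """Return (service, domain, reason) for accounts whose email domain is at risk."""
    findings = []
    for acct in accounts:
        domain = acct["email"].rsplit("@", 1)[1].lower()
        reg = domains.get(domain)
        if reg is None:
            # Nobody holds the domain: whoever registers it receives its mail.
            reason = "UNREGISTERED"
        elif reg["created"] > acct["opened"]:
            # Registration is newer than the account: the domain lapsed and
            # was registered again, possibly by a different party.
            reason = "REREGISTERED"
        elif reg["expires"] < today:
            reason = "LAPSED"
        elif reg["expires"] - today <= timedelta(days=warn_days):
            reason = "EXPIRING"
        else:
            continue
        findings.append((acct["service"], domain, reason))
    return findings

if __name__ == "__main__":
    for service, domain, reason in audit(ACCOUNTS, DOMAINS, TODAY):
        print(f"{service:10} {domain:20} {reason}")
```

Any flagged account should have its contact email moved to a domain you still control before the old domain is released.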
The leaked files are:
The file “top_customers.csv” includes a number of personal and “maybe professional” email addresses (100 in total).
The file ‘unified_payment’ has details on their buyers, including their addresses and partial details of their credit cards.
The “team” file has information about the administrator, although we haven’t been able to verify this.
We recommend the following:
- Never share personal information, including financial information, over the phone, email, or SMS
- Use strong passwords and enforce multi-factor authentication wherever possible
- Regularly monitor your financial transactions; if you notice any suspicious activity, contact your bank immediately
- Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic
- Use a reputable antivirus and internet security software package on your connected devices, including PC, laptop, and mobile
- Register at AmiBreached.com to ascertain your exposure if you’re concerned about it in the darkweb
- Refrain from opening untrusted links and email attachments without verifying their authenticity
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.