Most cybercriminals and ransomware groups operate from different locations, making it hard for law enforcement agencies to track them down. Several governments are making international cybersecurity operations to deter cyberattacks and nab the threat actors responsible for them.
Recently, the U.S. Department of Justice (DOJ) announced that a multinational operation took down Slillpp, an infamous underground marketplace of stolen login credentials. The cooperation, which involved the law enforcement agencies from the U.S., Germany, the Netherlands, and Romania, seized servers that hosted Slilpp’s online infrastructure and its domain names.
“The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims. The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces wherever they are located,” said Nicholas L. McQuaid, Acting Assistant Attorney General of the Justice Department’s Criminal Division.
Slillpp’s Cyber Activities
Slilpp’s online marketplace has been trading stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts since 2012.
The fraudulent platform also served as a data broker allowing vendors to sell, and customers to buy, stolen/leaked credentials. Most cybercriminals later used those login credentials to conduct unauthorized transactions on targeted users. The U.S. law enforcement charged over a dozen individuals in connection with the Slilpp marketplace.
Huge Number of Credentials for Sale
Most of the threat actor groups have a presence in underground marketplaces where they share details related to stolen data, malicious tools, malware samples, and hacking targets. The DoJ found stolen account login credentials for over 1,400 account providers available for sale. While the full impact of Slilpp is still unknown, the agency stated that the stolen login credentials sold over the Slilpp platform caused over $200 million in losses in the U.S.
“With today’s coordinated disruption of the Slilpp marketplace, the FBI and our international partners sent a clear message to those who, as alleged, would steal and traffic in stolen identities: we will not allow cyber threats to go unchecked. We applaud the efforts of the FBI and our international partners who contributed to the effort to mitigate this global threat,” said Acting U.S. Attorney Channing D. Phillips of the District of Columbia.
