authorities-shut-down-wt1shop-site-for-selling-stolen-credentials-and-credit-cards

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards

An international law enforcement operation has resulted in the dismantling of WT1SHOP, an online criminal marketplace that specialized in the sales of stolen login credentials and other personal information.

The seizure was orchestrated by Portuguese authorities, with the U.S. officials taking control of four domains used by the website: “wt1shop[.]net,” “wt1store[.]cc,” “wt1store[.]com,” and “wt1store[.]net.”

The website peddled over 5.85 million records of personally identifying information (PII), including approximately 25,000 scanned driver’s licenses/passports, 1.7 million login credentials for various online shops, 108,000 bank accounts, 21,800 credit cards, the U.S. Justice Department (DoJ) said.

The DoJ also unveiled a criminal complaint against Nicolai Colesnicov, accusing the 36-year-old individual from the Republic of Moldova of running the marketplace. Colesnicov has been charged with conspiracy and with trafficking in unauthorized access devices.

According to unsealed court documents, WT1SHOP offered a payment mechanism that facilitated the trafficking of pilfered PII using Bitcoin. The account shop had 106,273 registered users and 94 sellers with a total of roughly 5.85 million credentials available for sale as of December 2021.

The login credentials included those belonging to retailers and financial institutions, email accounts, PayPal accounts, and identification cards, as well as to remotely access and operate computers, servers, and network devices without authorization.

The DoJ also said law enforcement was able to trace Bitcoin transactions made on WT1SHOP, along with the email addresses and the login information from those accounts, to Colesnicov, enabling the authorities to determine his role as the administrator of the illicit marketplace.

If convicted, Colesnicov faces a maximum sentence of 10 years in federal prison.

The development comes over a year after law enforcement agencies from the U.S., Germany, the Netherlands, and Romania disrupted and took down the infrastructure of an underground marketplace known as Slilpp that specialized in trading stolen login credentials.


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related News

Hackers using USB drives to spread malware in ongoing attack

Hackers using USB drives to spread malware in ongoing attack

According to a recent post by the cybersecurity firm Mandiant, USB drives are being used to hack targets in Southeast…
AI-Powered Smart Glasses Give Deaf People the Power of Speech

AI-Powered Smart Glasses Give Deaf People the Power of Speech

In a recent example of innovative technology making a positive difference, there is now new artificial intelligence (AI) powered smart…
16,000+ Scam Domains Aimed at FIFA World Cup Fans in Qatar

16,000+ Scam Domains Aimed at FIFA World Cup Fans in Qatar

Seeing as scammers readily jump to capitalize on events with huge global interest, it comes as no surprise that Group-IB…