ssndob-cybercrime-marketplace-seized-in-intl.-coordinated-operation

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

SSNDOB Cybercrime Marketplace Seized in Intl. Coordinated Operation

The FBI teamed up with European law enforcement authorities to dismantle the marketplace but couldn’t arrest its administrators.

The US Federal Bureau of Investigation/FBI and the IRS, in collaboration with law enforcement authorities from Latvia and Cyprus, seized domains associated with the infamous SSNDOB Marketplace. The seized domains include the following:

  • Ssndob.ws
  • Ssndob.vip
  • Blackjob.biz
  • Ssndob.club
US, European Authorities Took Down SSNDOB Cybercrime Marketplace

The seizure orders were executed on Tuesday, June 8th, 2022. SSNDOB was involved in selling stolen private data of users, which visitors could get access to after paying in cryptocurrency, to the marketplace administrators. The information was later used in phishing attacks, identity fraud, and extortion.

Blockchain analytics firm Chainalysis stated that the service received around USD22 million in Bitcoin across 100,000 transactions since 2015. Some users spent more than USD100,000 on bulk buying of PII.

The report highlighted that there could be a link between Joker’s Stash and SSNDOB. Joker’s Stash specialized in illicit trading of stolen PII and credit card data, and the service was shut down in 2021.

SSNDOB’s Background

SSNDOB is an underground cybercrime marketplace known for selling personally identifiable information (PII), including users’ names, email IDs, dates of birth, credit card and Social Security numbers, and passwords.

The marketplace ran a series of websites to sell PII. The administrators marketed the sites on the Dark Web cybercrime forums and offered customer support. The marketplace earned over USD19 million by selling private data of around 24 million victims, most of which are US citizens.

Moreover, the admins of SSNDOB employed numerous anonymity protection measures and detection evading techniques such as using online monikers to hide their identities, using servers from different countries, and asking for payments in cryptocurrencies, mainly Bitcoin and Litecoin.

Blockchain analysis: SSNDOB’s cryptocurrency transaction history and connections to Joker’s Stash (Credit: Chainalysis)

SSNDOB – A Threat to User Safety

The US Department of Justice (DoJ) explained (and as we know it) that if users’ private data lands in the wrong hands, the threat actors can exploit the victim in more than one way. For instance, identity theft can cause heavy financial loss to the victim, which can cause a “devastating impact on a victim’s long-term emotional and financial health.”

As per the special agent in charge of the IRS-Criminal Investigation Washington, DC Field Office, Darrell Waldon, the dismantling of SSNDOB will disrupt identity theft criminals and help millions of American citizens who were victimized.

 “Special agents with IRS-CI’s DC Cyber Crimes Unit will continue to work with the US and international law enforcement community to end these complex scams, regardless of where the money trail leads them.”

Special Agent in Charge Darrell Waldon – IRS

More Cyber Crime Forum Seizures

  1. Feds seize WeLeakInfo.com for selling stolen databases
  2. Domain, server of DoubleVPN used by ransomware gangs seized
  3. Russia seizes Trump Dumps, Ferum, and SkyFraud carding forums
  4. Police shut down illegal video streaming app Mobdro with 100M users
  5. FBI Seizes RaidForums and Arrests Alleged Founder Diogo Santos Coelho

Author

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related News

How to Craft Rich Data-Driven Infographics with Powered Template

How to Craft Rich Data-Driven Infographics with Powered Template

We’re living in a data-driven world, and this means that it’s imperative to share information in the most engaging and…
Meta Fined €265 million in Facebook Data Scraping Case in the EU

Meta Fined €265 million in Facebook Data Scraping Case in the EU

Ireland’s Data Protection Commissioner (DPC) has placed yet another fine of €265 million ($277 million) on Meta following Facebook’s data…
Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs

Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs

While performing routine monitoring, Cyble’s Global Sensor Intelligence (GIS) discovered a threat actor is distributing unauthorized access to several Fortinet…