The Hacker Got Hacked
WeLeakInfo was a data breach site that offered paid subscriptions to users who could then access their searchable stolen records database. This now-defunct site contained 12.5 BILLION records of data that was illegally obtained through various means. This included names, phone numbers, addresses, passwords, and email addresses.
Hackers Karma was on its way towards WeLeakInfo
Cybercriminals used this site as a resource for when they would hack corporate networks or run phishing campaigns. The FBI seized the WeLeakInfo domain in January 2020 after an international law enforcement operation allowed them to do it. This group was comprised of the FBI, the UK NCA, the Netherlands National Police Corps, the Police Service of Northern Ireland, and the German Bundeskriminalamt. This led to the site being shut down and cease of operations for the hackers.
Karma Came Knocking
Recently data containing archived payment processing information from WeLeakInfo was released on another hacking forum called RaidForums. It included the information that WeLeakInfo used via the payment method Stripe. The cost to obtain the records was about $2.54 and was posted by a forum administrator who found it in a data dump.
The FBI had allowed the wli. domain to expire, and the WeLeakInfo data was accessible. The new site owner informed viewers that he or she “was able to register this domain giving me full access to all customer information…”. Getting burned at your own game. The exposed information included account information and spreadsheets that contained customer lists, payment information, and invoices. Additionally, they found corporate data that included a host of identifying information for close to 24,000 payments.
While some of the found information was for businesses that used the service, they were likely security companies using the service to ward off attacks.
While illegally obtaining any information is something we don’t support, it was good to see that the hacker face some hackers karma.
As always, keep your account passwords safe and change them often to avoid being a victim of a scammer. For more info on online safety check out the FBIs top tips here!
For more helpful security tips check out some of our other blog posts!