Contents:
The Justice Department today reported its role in a multinational campaign involving actions worldwide to disrupt and take down the infrastructure of the largest online marketplace of stolen login credentials known as Slilpp.
Law enforcement agencies from the United States, Germany, the Netherlands, and Romania seized servers that were hosting Slilpp’s marketplace infrastructure and its domain names.
The marketplace’s websites are now replaced with a seizure banner on the clear web and displaying an invalid onionsite address error on the dark web.
Slilpp Marketplace Operational Since 2012
Slilpp online marketplace started selling stolen login credentials such as mobile phone accounts, usernames, and passwords for bank accounts, retailer accounts, or online payment accounts in 2012, according to a seizure warrant statement that was opened today.
As specified by the written statement, the Slilpp marketplace authorized vendors to sell, and clients to purchase, stolen login credentials by providing the forum and the payment procedure for this kind of transaction. Afterward, Slilpp customers used those login credentials to perform unapproved transactions from the related accounts.
To date, more than a dozen individuals have been charged or taken into custody by U.S. law enforcement in connection with the Slilpp marketplace.
According to the affidavit, the FBI, working in coordination with foreign law enforcement partners, identified a series of servers that hosted the Slilpp marketplace infrastructure and its various domain names. Those servers and domain names were seized pursuant to domestic and international legal processes.
Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division stated the Slilpp marketplace reportedly lead to the loss of hundreds of millions of dollars for victims all over the world, including by allowing buyers to steal the identities of American victims.
He added that the department will not abide an underground economy for identity theft, and they will maintain their collaboration with their law enforcement partners from all over the world in order to disrupt criminal marketplaces wherever they are situated.
With today’s coordinated disruption of the Slilpp marketplace, the FBI and our international partners sent a clear message to those who, as alleged, would steal and traffic in stolen identities: we will not allow cyber threats to go unchecked,” said Acting U.S. Attorney Channing D. Phillips of the District of Columbia. “We applaud the efforts of the FBI and our international partners who contributed to the effort to mitigate this global threat.
At the time of the disruption, the statement claims that stolen account login credentials for over 1,400 account providers were ready for sale on the Slilpp online marketplace.
While the full impact of Slilpp is still unknown, officials state the limited existing victim reports show stolen credentials sold on the marketplace have been used to cause more than $200 million in losses in the US.
The U.S. Attorney’s Office for the District of Columbia, the FBI Washington Field Office, and the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) organized the operation in close cooperation with investigators and prosecutors from several jurisdictions, including Germany’s Bundeskriminalamt, the Netherlands’ National High Tech Crime Unit, and Romania’s Directorate for the Investigation of Organized Crime and Terrorism.
The Justice Department’s Office of International Affairs also provided significant assistance.
Even if Slilpp marketplace was taken down, there are still other large marketplaces that remain functional to provide hackers with stolen credentials.