Cyber Security

U.S. Authorities Shut Down Slilpp—Largest Marketplace for Stolen Logins

The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as “Slilpp” that specialized in trading stolen login credentials as part of an international law enforcement operation.

Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown, which involved the joint efforts of the U.S., Germany, the Netherlands, and Romania, also commandeered a set of servers hosting its infrastructure as well as the multiple domains the group operated.

Operational since 2012, Slilpp was an marketplace for allegedly stolen online account login credentials belonging to 1,400 companies worldwide, offering for sale more than 80 million plundered usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts, which were abused to conduct unauthorized transactions, such as wire transfers, from the related accounts.

Based on existing victim reports, the DoJ said the pilfered login credentials sold over Slilpp have been used to siphon no less than $200 million in the U.S.

“The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims,” said Acting Assistant Attorney General Nicholas L. McQuaid of the DoJ’s Criminal Division. “The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces wherever they are located.”

The development comes amid a flurry of law enforcement actions against cybercrime groups in recent months, including that of TrickBot, Emotet, and ANoM. Slilpp is also the third marketplace to be taken down by the DoJ after xDedic (January 2019) and DEER.IO (January 2021), both of which catered to harvesting and selling login credentials.

Articles You May Like

Meta CEO Mark Zuckerberg looks to digital assistants, smart glasses and AI to help metaverse push
Flipkart Big Billion Days Sale 2023 to bring discounts on Phones from Samsung, Motorola, Xiaomi, Vivo, More
Google Pixel 8 Series Renders Leak Again; Suggest Three Colour Options
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
Big Screens, Bigger Savings: Dive Into Croma’s 55-Inch TV Discounts Now!