By: Ravie Lakshmanan
An illicit online marketplace known as SSNDOB was taken down in operation led by U.S. law enforcement agencies, the Department of Justice (DoJ) announced Tuesday.
SSNDOB trafficked in personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S., generating its operators $19 million in sales revenue.
The action saw the seizure of several domains associated with the marketplace — ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz — in cooperation with authorities from Cyprus and Latvia.
According to blockchain analytics firm Chainalysis, SSNDOB’s Bitcoin payment processing system has received nearly $22 million worth of Bitcoin across over 100,000 transactions since April 2015.
Furthermore, bitcoin transfers to the tune of more than $100,000 have been unearthed between SSNDOB and Joker’s Stash, another darknet market that specialized in stolen credit card information and voluntarily closed shop in January 2021, indicating a close relationship between the two criminal storefronts.
“The SSNDOB administrators created advertisements on dark web criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts,” the DoJ said in a statement.
Additionally, the cybercriminal actors are said to have employed tactics to conceal their true identities, including using anonymous online profiles, maintaining servers in different countries, and requiring potential buyers to use cryptocurrencies.
“Identity theft can have a devastating impact on a victim’s long-term emotional and financial health,” said Darrell Waldon, special agent in charge of IRS-CI Washington, D.C. Field Office. “Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised.”
The takedown marks the continued ramping up of efforts on the part of law enforcement agencies across the world to disrupt malicious cyber activity.
Last week, Europol publicized the shut down of the FluBot Android banking trojan, while the Justice Department said it seized three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service (DDoS) attacks for hire.
Earlier this year, the Federal Bureau of Investigation (FBI) also neutralized a modular botnet dubbed Cyclops Blink as well as dismantled RaidForums, a hacking forum notorious for selling access to hacked personal information belonging to users.
In a related development, the U.S. Treasury Department also sanctioned Hydra after German law enforcement authorities disrupted the world’s largest and longest-running dark web marketplace in April 2022.