An underground illegal online marketplace that contained and sold sensitive information pertaining to individuals based out of the U.S. has been shut down.
SSNDOB, which saw people’s names, social security numbers, and dates of birth being collected and sold has been successfully taken offline due to a joint operation from U.S. authorities and their counterparts in Cyprus.
As reported by Bleeping Computer, the marketplace itself wasn’t your run-of-the-mill operation — around 24 million individuals from the U.S. alone were affected by its illicit activity.
Due to the large scope of the operation, three governmental departments collaborated in shutting down SSNDOB. The FBI, the Internal Revenue Service, and the Department of Justice were all involved.
Additional assistance from Cyprus police was also a factor in the marketplace ceasing its operations.
The Department of Justice’s press release stated that more than $19 million in “sales revenue” was accumulated by the website’s owners.
A total of four domains that provided hosting services for the entire SSNDOB marketplace were seized, including “ssndob.ws,” “ssndob.vip,” “ssndob.club,” and “blackjob.biz.”
As for how the activities of the SSNDOB marketplace managed to go unchecked since 2015, Bleeping Computer highlights how the websites effectively evaded DDoS attacks and actions from law enforcement by supplying various mirror sites.
This practice is common amongst illegal websites such as torrent services and the like. The method makes it nearly impossible to target the core operation behind the websites as there’s always a new domain that can be accessed.
As a result, SSNDOB saw threat actors being able to buy “social security numbers, dates of birth, and full info of people” predominantly through Bitcoin, which is largely an unregulated currency that has become commonplace amongst cybercriminals.
Personal information of U.S.-based residents was up for grabs for $0.50 in some cases. Dates of birth for individuals residing in the United Kingdom were also sold on the website.
According to cybersecurity firm Advanced Intel,…