UK NCA Visits WeLeakInfo Users To Warn Of Using Stolen Data

21 WeLeakInfo customers have been arrested across the UK for using stolen credentials downloaded from WeLeakInfo following an operation coordinated by the UK National Crime Agency (NCA).

NCA officers seized over £41,000 worth of bitcoin and they also served 60 more individuals from England, Wales and Northern Ireland with cease and desist notices.

They were also warned in person not to use stolen credentials downloaded from WeLeakInfo to avoid being arrested and prosecuted.

“A further 69 individuals in England, Wales and Northern Ireland aged between 16-40 were visited by Cyber Prevent officers, warning them of their potentially criminal activity,” the NCA said.

“The NCA and UK policing’s Cyber Choices programme aims to prevent young people inadvertently slipping into cyber crime and divert them to more positive pathways in tech.”

Also Read: How a Smart Contract Audit Works and Why it is Important

Only those who used stolen credentials were arrested

Nine of the 21 arrested men (aged between 18-38) were detained on suspicion of Computer Misuse Act offenses, nine for Fraud offenses, and three are investigated for both.

NCA added that some of the arrested WeLeakInfo customers have also bought cybercrime tools such as crypters and remote access trojans (RATs) based on evidence discovered during and after the arrests.

In addition, three of them were also found “to be in possession of, or involved with, indecent images of children.”

“Through the identification of UK customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offences,” Paul Creffield, from the NCA’s National Cyber Crime Unit, added.

“The NCA and UK law enforcement take such offences extremely seriously and they can result in huge financial loss to victims.”

WeLeakInfo takedown

WeLeakInfo.com was a website that provided subscribers with an online search engine providing access to personal information exposed in data breaches. The site sold subscriptions for those who wanted access providing unlimited searches to review and copy the stolen info.

The FBI took down the site and seized the domain in January 2020 in coordination with the UK NCA, the Netherlands National Police Corps, the German Bundeskriminalamt, and the Police Service of Northern Ireland.

The site was used by cybercriminals to gain access to illegally collected info following more than 10,000 data breaches and organized in a database with over 12 billion indexed records containing personal information (e.g., names, email addresses, usernames, phone numbers, and user credentials).

As part of the takedown operation, two individuals were also arrested in Ireland and the Netherlands under suspicion of being involved in the site’s administration.

Also Read: Data Centre Regulations Singapore: Does It Help To Progress?

Online payments tracing back to the two individuals’ IP addresses indicated that they may have been heavily involved in the site’s operation and that they have made £200,000 from its operation.