Following the FBI's seizure of the WeLeakInfo website, it appears hackers have started to turn on one another.
According to a report from Cybernews (opens in new tab), someone is selling a database containing private information linked with cybercriminals who have previously purchased stolen data through the WeLeakInfo website. The database is up for sale on another obscure forum.
For as little as $2 in virtual forum currency, the buyer can get a ZIP archive containing data on anyone who has used Stripe to buy stolen private information.
The data includes full names, partial credit card data, transaction dates, Stripe reference numbers, payment history, email addresses, IP addresses, user agents, street addresses and even phone numbers.
The method used to obtain this data isn’t exactly complex, but it is ingenious nonetheless. Cybernews explained that WeLeakInfo used a separate domain to process payments through the Stripe service, and that domain wasn’t seized by the FBI. Instead, it expired earlier this month and was later purchased by the current seller.
After buying the domain, the individual simply triggered the password recovery feature on Stripe and was allowed access to the dashboard.
Allegedly, more than 24,000 people used Stripe to make illegal purchases, and had spent more than $140,000.
- Make sure to check out our best Windows 10 antivirus (opens in new tab) guide