With the help of other agencies, the FBI takes down Slilpp

After running for almost 10 years, the largest marketplace for stolen credentials is shut down

In a joint operation, the FBI shut down the largest stolen credentials marketplace

The Federal Bureau of Investigation (FBI), together with the Justice Department’s Office of International Affairs and foreign law enforcement institutions from Romania (Directorate for the Investigation of Organized Crime and Terrorism), Germany (Bundeskriminalamt), and the Netherlands (National High Tech Crime Unit), has disrupted the Slilpp marketplace and seized the servers that hosted its infrastructure.

During the cyber crackdown, most of the domains were immediately shut down. Visitors to one of the mirror websites are now presented with a seizure banner. According to sources,[1] over a dozen individuals connected to the illegal marketplace have been either arrested or charged by US law enforcement agencies.

Assistant Director in Charge Steven M. D’Antuono of the FBI Washington Field Office stated:[2]

American identities are not for sale. <…> The FBI remains committed to working with our international partners to dismantle global cyber threats.

Slilpp marketplace served info-stealing criminals

According to the US Department of Justice (DoJ), the Slilpp marketplace had been running since 2012. It provided a platform with a forum and payment mechanisms for threat actors to sell and purchase various stolen credentials. Before the site was taken down, its vendors were offering more than 80 million stolen logins for over 1,400 companies worldwide.

The stolen credentials usually contained usernames and passwords for:

  • bank accounts,
  • mobile phone accounts,
  • retailer accounts,
  • online payment accounts,
  • and other online accounts.

When Slilpp marketplace users bought any of these details, they were able to commit various kinds of fraud, including identity theft, wire transfers, etc. According to Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division:

The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims.

Although the full extent of the damage caused by the Slilpp stolen credentials marketplace is yet to be discovered, experts presume that it caused over $200 million in losses in the United States alone. Taking it down is therefore a big step towards ensuring the safety of US residents and companies.

2021 – a huge year for cybersecurity, so far

The year started with the successful Operation Ladybird, in which a joint effort of law enforcement agencies from the Netherlands, Germany, the U.S., the U.K., France, Lithuania, Canada, and Ukraine dismantled the infrastructure of Emotet.[3]

Emotet was dubbed the most dangerous malware in the world.[4] It was an email-based Windows malware that threat actors could use as a primary door opener. Cybercriminals were able to purchase services from Emotet developers, which provided them access to compromised computers and networks.

With it, evildoers were given a chance to infect the victim devices with various malware, including banking Trojans and ransomware. Over 700 servers operating the Emotet malware were seized. Ukrainian authorities reported that the damage caused by the botnet amounted to around $2.5 billion.

An unrelated covert operation[5] that had many names, including Operation Trojan Shield, took down more than 800 criminals worldwide by running a fake encrypted chat app for over three years. Within that timespan, the FBI and Australian Federal Police intercepted more than 27 million messages exchanged by criminals using the ANoM app.

In Australia alone, 224 criminals have been arrested. Law enforcement agencies also seized over $48 million in various currencies, 250 firearms, 55 luxury vehicles, 22 tons of marijuana, and 8 tons of cocaine. The intercepted messages contained plots to kill, arrangements for gun distribution, drug trafficking schemes, etc.

About the author
Ugnius Kiguolis

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. He currently serves as Editor-in-chief.
