A joint operation by the Federal Bureau of Investigation (FBI), the Internal Revenue Service (IRS), and the Cyprus Police, allowed the dismantling of SSNDOB, an illegal dark web operation in which the names, dates of birth, social security numbers and other confidential details of up to 24 million US citizens were sold.
A total of four domains were seized at the end of this operation, including “ssndob.ws”, “ssndob.vip”, “ssndob.club” and “blackjob.biz”. These platforms now display a banner informing about the seizure.
According to a report by the U.S. Department of Justice (DOJ), this malicious structure consisted of multiple platforms acting as mirrors of each other, which helped prevent denial of service (DoS) attacks and evade law enforcement. SSNDOB allowed cybercriminals to purchase sensitive information stolen in other security incidents.
In their report on this malicious operation, the agencies mention that these platforms generated around $19 million, putting at risk the integrity of millions of Americans and even some British citizens. Each unique record was sold for as little as $0.50.
Separately, a report from Advanced Intel notes that much of the information collected was obtained through data breaches at medical institutions and hospitals. Once the information was sold, it was used by hacking groups to deploy electronic and financial fraud campaigns.
Finally, blockchain analytics firm Chainalysis reported tracking $22 million in Bitcoin paid to SSNDOB since April 2015, suggesting that cybercriminal groups were buying large batches of information on these platforms.
Chainalysis also uncovered a connection between SSNDOB and the popular black-market platform Joker’s Stash, which was shut down in January 2021: “Perhaps most interesting of all is the activity we see between SSNDOB and Joker’s Stash, a large darknet marketplace focused on stolen credit card information and more sensitive details.”
While Joker’s Stash voluntarily shut down operations, they faced increased pressure from law enforcement, disruptions due to COVID-19, and the quality of stolen credit cards.
Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.