In January 2020, the FBI seized the internet domain WeLeakInfo[.]com. The website served as a breach notification service, similar to HaveIBeenPwned, with one key difference. Unlike HaveIBeenPwned, WeLeakInfo granted subscribers access to clear text passwords leaked through breaches – not just for that subscriber’s own company or email accounts, but for other people’s passwords, too. Now, a threat actor has posted the payment data of the subscribers from WeLeakInfo to Raid forums, where anyone can download the data for 8 credits, a payment system used by the website. The threat actor noted on the post that they managed to hack the “stripe” account used by the website when it was still active. Cyber-security firm Cyble shared samples of the stolen data with Bleeping Computer and told them there were approximately 10,000 unique customers included. The data included spreadsheets that contained information such as email addresses, names, billing addresses, last four digits and expiration dates of credit cards, IP addresses, order history, IP addresses, and phone numbers.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is