New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

WeLeakInfo Operator Receives Two Year Prison Sentence

A 23-year-old Dutch man who was charged with running the stolen credential service WeLeakInfo, was sentenced by a Dutch court to two years in prison with one year suspended, TheRecord reports. This man, along with two additional people, ran the online service WeLeakInfo which specialized in providing users access to over 12,415,528,535 entries of stolen credentials. The sentenced man was in charge of data processing as well as the helpdesk for the WeLeakInfo service. A Northern Irish suspect served as the site’s programmer and a third person, who remains at large, laundered payments made by customers. 

Analyst Notes

As the WeLeakInfo service demonstrated, it is very common for threat actors to have access to stolen passwords from many data breaches over the years. The issue that compounds this problem is that people often re-use the same passwords across multiple websites, and don’t often change them. If the same password that was leaked from a customer loyalty or retail shop is used to log in to an employer VPN or a financial services account online, and that account does not require Multi-Factor Authentication (MFA), threat actors can take advantage of that fact to abuse stolen credentials. Binary Defense recommends setting up MFA everywhere it is possible, and using a password manager to ensure that you use unique randomly generated passwords for all accounts. That way, if one account is hacked, attackers will be unable to chain access to other accounts.

 

To read more about WeLeakInfo and the criminal justice outcome, please see: https://therecord.media/operator-of-weleakinfo-database-marketplace-sentenced-to-two-years-in-prison/