A world regulation enforcement operation has resulted within the dismantling of WT1SHOP, an internet prison market that specialised within the gross sales of stolen login credentials and different private data.
The seizure was orchestrated by Portuguese authorities, with the U.S. officers taking management of 4 domains utilized by the web site: “wt1shop[.]internet,” “wt1store[.]cc,” “wt1store[.]com,” and “wt1store[.]internet.”
The web site peddled over 5.85 million information of personally figuring out data (PII), together with roughly 25,000 scanned driver’s licenses/passports, 1.7 million login credentials for numerous on-line retailers, 108,000 financial institution accounts, 21,800 bank cards, the U.S. Justice Division (DoJ) mentioned.
The DoJ additionally unveiled a prison grievance towards Nicolai Colesnicov, accusing the 36-year-old particular person from the Republic of Moldova of operating {the marketplace}. Colesnicov has been charged with conspiracy and with trafficking in unauthorized entry gadgets.
In line with unsealed court docket paperwork, WT1SHOP supplied a cost mechanism that facilitated the trafficking of pilfered PII utilizing Bitcoin. The account store had 106,273 registered customers and 94 sellers with a complete of roughly 5.85 million credentials out there on the market as of December 2021.
The login credentials included these belonging to retailers and monetary establishments, e mail accounts, PayPal accounts, and identification playing cards, in addition to to remotely entry and function computer systems, servers, and community gadgets with out authorization.
The DoJ additionally mentioned regulation enforcement was capable of hint Bitcoin transactions made on WT1SHOP, together with the e-mail addresses and the login data from these accounts, to Colesnicov, enabling the authorities to find out his function because the administrator of the illicit market.
If convicted, Colesnicov faces a most sentence of 10 years in federal jail.
The event comes over a yr after regulation enforcement businesses from the U.S., Germany, the Netherlands, and Romania disrupted and took down the infrastructure of an underground market referred to as Slilpp that specialised in buying and selling stolen login credentials.
