WeLeakInfo Marketplace Operator Sentenced to Two Years in Prison

One of the three operators of the WeLeakInfo website, which sold access to various data breaches to anyone interested, has been sentenced in the Netherlands to two years in prison. However, the second year of the sentence will be served on probation.

During a court hearing held earlier this year, the suspect—a 23-year-old man whose name has not been disclosed—admitted to running the service together with a man from Northern Ireland and a third, unidentified individual who remains at large.

The three administered a service that sold access to data from more than 12.5 billion accounts, collected from 10,000 different breaches. In practice, the site provided access to people’s passwords in plain text for a fee. Access cost just $2 per day, $7 per week, or $24 per month.

Although the site tried to disguise itself as a legitimate service (similar to Have I Been Pwned), it was actively promoted on hacker forums as a resource where old account credentials could be found. This information could then be used to attempt to hack into various victim profiles, hoping that the same passwords had been reused.

The 23-year-old Dutch resident told investigators that he did not create the site but joined the WeLeakInfo team in early 2016, when the service was already operational. Allegedly, the suspect from Northern Ireland wrote the site’s code, while the third, unidentified person laundered payments from customers. The convicted individual said he “mainly handled data processing and responded to support inquiries.”

He explained that he processed hacked databases and uploaded them to WeLeakInfo’s servers. Most of the data was provided to the service “as donations.” In other words, the scheme—where users were given free access to the service if they provided WeLeakInfo with a new database—worked very well.

It’s worth recalling that in early 2020, the WeLeakInfo.com domain was seized as a result of a joint operation by the FBI and law enforcement agencies from Northern Ireland, the Netherlands, Germany, and the United Kingdom. After the domain was seized, two men who operated the service were arrested in the Netherlands and Northern Ireland.

According to court documents, just days before their arrest, the administrators exchanged messages on WhatsApp discussing a subpoena from the FBI. Based on the logs, the two suspects believed they were safe, thinking that authorities did not send requests to underground marketplaces. As a result, the WeLeakInfo operators assumed the FBI considered them “legitimate.”

Source

• Our other channels
• Our friends and partners