The online marketplace named SSNDOB has been taken down by the US governing authorities.
The operation was conducted in cooperation with the Cyprus Police Department, the Internal Revenue Service (IRS), the Federal Bureau of Investigation (FBI), and the Department of Justice (DOJ).
The personal information of about 24 million people in the United States was listed on the SSNDOB Marketplace. The website is notoriously known for selling illegal access to personal information, which resulted in the site garnering $19 million in sales revenue.
SSNDOB's Online Marketplace
As a result of the collaborative efforts of law enforcement agencies, SSNDOB, an illegal site selling the names, social security numbers, and dates of birth of nearly 24 million people in the United States, has been taken offline.
The marketplace operates with four domains, which are blackjob.biz, ssndob.ws, ssndob.club, and ssndob.vip.
Although the website was used to sell the dates of birth of persons living in the United Kingdom, its primary purpose was to sell the personal information of people living in the United States for as little as fifty cents.
According to the United States Department of Justice, the administrators of the website sell their illegally obtained data through posting their listings on the dark web criminal forums. The bad actors are also providing customer support functions as they regularly monitor activities on the website.
The administrators of SSNDOB go to great lengths to hide and cover their identities to prevent the detection of the existence of the site. These strategies include creating different identities, maintaining servers in different countries, and requiring purchasers to use digital cryptocurrency payment methods.
However, finally, the operations have been dismantled and seized as a result of an international operation that was carried out in close conjunction with law enforcement agencies in Cyprus and Latvia. The domain names associated with the SSNDOB Marketplace were subject to the execution of seizure orders on June 7th, 2022.
SSNDOB's Identity Theft
According to Chainanalysis, users were able to search for specific names and other attributes, as well as browse through the accessible personal information organized by country. Email addresses, passwords, credit card numbers, and, in the case of many victims in the United States, social security numbers were among the personally identifiable information that was offered for sale on SSNDOB.com.
Malicious threat actors that obtained this information could use it to carry out phishing attacks and blackmail scam campaigns. Furthermore, these malicious actors can create social media accounts.
Regarding financial activities, the information sold on the site can be used by bad actors to create bank accounts, purchase numerous items, and trace back the expenses and bills to the real owner of the stolen identity.
According to information provided by the cybersecurity firm Advanced Intel to BleepingComputer, a significant portion of the collected data was stolen through data breaches at healthcare facilities and hospitals.
In addition, Chainalysis, a company that analyzes blockchain data, reveals in a unified report that from April 2015 to present, they have monitored a total of $22 million in Bitcoin that has been paid to SSNDOB.
Several of these transactions were rather significant, totaling a Bitcoin value of one hundred thousand dollars, which is an indication that some fraudsters were purchasing data in bulk.