Under Attack? Breach Response Hotline: Call 833.997.7327 (US/CAN)

Slilpp

SpearTip | June 15th, 2021

 

The US Department of Justice (DOJ) completed a major takedown of an underground marketplace, Slilpp, holding stolen login credentials in part of an international law enforcement operation. At least 12 people have been charged or arrested in connection with the site. With combined efforts from the US, Germany, the Netherlands, and Romania, they were able to successfully take down the site and gain control over a set of servers hosting the operation and multiple domains the group used.

Taking Down Slilpp

Slilpp has been active since 2012 and held stolen login credentials for 1400 companies, offering over 80 million usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other accounts used to abuse and carry out unauthorized transactions, such as wire transfers.

The DOJ has stated that the credentials used from this site have been able to allow threat actors to steal $200 million in the US alone. According to Acting Assistant Attorney General Nicholas L. McQuaid of the DOJ, “The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims. The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces, like Slilpp, wherever they are located.”

Law enforcement in the US and beyond has been hot on the trail of cybercrime during 2021 as there have been numerous arrests and operation takedowns. TrickBot and Emotet took a huge hit to their operations, but as always, they’ve figured out ways to continue to attack organizations maliciously. Using this theory of cybercrime repopulation, it’s likely there will be more leak sites popping up with credentials that work exactly like this one.

If there is anything you can take away from this news, it’s the fact that cyberattacks don’t stop because threat actors are relentless. Changing your passwords frequently and using a password manager would decrease the likelihood of your passwords ending up on leaked sites and prevent unauthorized access to your accounts.

SpearTip’s engineers actively view these sites in order to prevent unwarranted access to our clients’ accounts. When you have SpearTip’s Security Operations Center as a Service working for you, threats are detected and handled. In a threat landscape of constant threats, it’s vital for your organization to use an experienced security firm with 24/7 capabilities like SpearTip.

If you think your organization has been breached, call our Security Operations Center at 833.997.7327.

Categories

Connect With Us

Featured Articles

Protecting Space Satellites
Protecting Space Satellites Using Cybersecurity
25 March 2024
Ransomware-as-a-Service
Growing Cyber Threat: Ransomware-as-a-Service
11 March 2024
Information Security Threats
10 Information Security Threats IT Teams Need To Know
08 March 2024
Data Protection
Companies Investing More Into Data Protection
06 March 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.