When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
ShadowSpear® is an unparalleled resource that defends your organizations against advanced cyber threats and attacks 24/7/365.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
Under Attack? Breach Response Hotline: Call 833.997.7327 (US/CAN)
The US Department of Justice (DOJ) completed a major takedown of an underground marketplace, Slilpp, holding stolen login credentials in part of an international law enforcement operation. At least 12 people have been charged or arrested in connection with the site. With combined efforts from the US, Germany, the Netherlands, and Romania, they were able to successfully take down the site and gain control over a set of servers hosting the operation and multiple domains the group used.
Slilpp has been active since 2012 and held stolen login credentials for 1400 companies, offering over 80 million usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other accounts used to abuse and carry out unauthorized transactions, such as wire transfers.
The DOJ has stated that the credentials used from this site have been able to allow threat actors to steal $200 million in the US alone. According to Acting Assistant Attorney General Nicholas L. McQuaid of the DOJ, “The Slilpp marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims. The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces, like Slilpp, wherever they are located.”
Law enforcement in the US and beyond has been hot on the trail of cybercrime during 2021 as there have been numerous arrests and operation takedowns. TrickBot and Emotet took a huge hit to their operations, but as always, they’ve figured out ways to continue to attack organizations maliciously. Using this theory of cybercrime repopulation, it’s likely there will be more leak sites popping up with credentials that work exactly like this one.
If there is anything you can take away from this news, it’s the fact that cyberattacks don’t stop because threat actors are relentless. Changing your passwords frequently and using a password manager would decrease the likelihood of your passwords ending up on leaked sites and prevent unauthorized access to your accounts.
SpearTip’s engineers actively view these sites in order to prevent unwarranted access to our clients’ accounts. When you have SpearTip’s Security Operations Center as a Service working for you, threats are detected and handled. In a threat landscape of constant threats, it’s vital for your organization to use an experienced security firm with 24/7 capabilities like SpearTip.
If you think your organization has been breached, call our Security Operations Center at 833.997.7327.
Identify, neutralize, and counter cyberattacks - provide confidence in your security posture
24/7 Breach Response: US/CAN: 833.997.7327
Main Office: 800.236.6550
1714 Deer Tracks Trail, Suite 150
St. Louis, MO 63131
©2024 SpearTip, LLC. All rights reserved.