A US law enforcement operation has taken down the websites and domains for the WT1SHOP marketplace. This criminal marketplace has sold troves of stolen information, such as credit card data, IDs, and login credentials.
WT1SHOP was one of the most well-known criminal marketplaces of PIII data, usually used by hackers to purchase credentials. Its buyers will use these bought credentials for account takeovers, identity theft, and online purchases.
Based on reports, the marketplace admins welcomed fraudsters and carders, focusing on account takeover activities, and offering services to several cybercriminal communities. Moreover, WT1SHOP representatives often promote its marketplace on Russian-based hacking forums and Reddit that accepts online cybercriminal activities.
Several countries were involved in the seizure of the WT1SHOP marketplace.
The US DOJ announced that law enforcement in Portugal seized the WT1SHOP website, and the United States seized four Internet domains used by hackers as a marketplace. The domains which were taken down are the wt1store.cc, wt1store.net, wt1store.com, and wt1shop.net.
Separate domains used by the website are wt1store[.]me, wt1store[.]xyz, wt1store[.]org, and wt1store[.]biz. These domains have not yet been taken down. However, visiting these domains can no longer allow access to the store since authorities have seized the main website.
The US Attorney’s Office in Maryland and the FBI led the operation. Both offices stated that the website sold the personal information of millions of users, including stolen bank accounts, credit cards, scanned government identification, login credentials, passports, and driver’s licenses.
The authorities also reviewed WT1SHOP’s background and discovered that the website’s number of sellers and users had increased to more than a hundred thousand and nearly a hundred sellers. Furthermore, there are approximately 5.85 million stolen credentials on the illegal marketplace.
Police authorities in the Netherlands estimated a whopping $4 million in sales paid in bitcoin during its run in June 2020. The DOJ traced the bitcoin payments, email addresses, and admin accounts for WT1SHOP back to a man named Nicolai Colesnicov from the Republic of Moldova.
The man is then charged with trafficking and conspiracy that will send to federal prison for ten years if found guilty.