Trending

ee-track">
Link copied!

Infamous ‘WeLeakInfo.com’ 10,000+ Customers Details Leaked

In 2020, the FBI seized the website 'WeLeakInfo.com', which was selling breached data to anyone for as low as $2. The site was in operations for over 3 years. The website allowed anyone to see…

March 12, 2021 · 3 min read
Infamous ‘WeLeakInfo.com’ 10,000+ Customers Details Leaked

In 2020, the FBI seized the website ‘WeLeakInfo.com’, which was selling breached data to anyone for as low as $2. The site was in operations for over 3 years.

The website allowed anyone to see anybody’s plain-text passwords. Due to this very nature of its model, the website gained popularity in various hacking forums. Eventually, it gained the attention of the FBI and other law enforcement agencies as well.

Before this website taken offline, it claimed to have over 12Bn records in its systems.

weleakinfo.jpg

In the last 24 hours, things took an unanticipated turn, an actor in one of the hacking forums claimed to have registered one of the domains of WeLeakInfo. The domain is wli.design.

The domain was re-registered on March 11 2021 as below:

image 17

The WeLeakInfo operators allegedly used the domain’s email address for payments via Stripe, the actor claimed. The actor claimed to have registered the domain and then created an email address on the registered domain used in their Stripe account.

Upon access to WeLeakInfo’s Stripe account, the actor allegedly gained access to their customers’ details (including email, address, partial card details, purchase history and others).

image 18

The leaked files are:

image 19

Looking at the file “top_customers.csv”, it includes a number of personal and “maybe professional” email addresses (total 100).

image 20

The file ‘unified_payment’ has details on their buyers, including their addresses and partial details of their credit cards.

image 21

The “team” file has the information about the administrator – we haven’t been able to verify this though.

image 22

We recommend the following: 

  • Never share personal information, including financial information over the phone, email, or SMS  
  • Use strong passwords and enforce multi-factor authentication wherever possible  
  • Regularly monitor your financial transactions; if you notice any suspicious activity, contact your bank immediately  
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic  
  • Use a reputable antivirus and internet security software package on your connected devices, including PC, laptop, and mobile  
  • Register at AmiBreached.com to ascertain your exposure if you’re concerned about your exposure in the Darkweb 
  • Refrain from opening untrusted links and email attachments without verifying their authenticity   

About Cyble 

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams