DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

WeLeakInfo.to and Related Domain Names Seized

Posted on June 1, 2022 by Dissent
Source: Department of Justice

WASHINGTON – The FBI and the U.S. Department of Justice announced today that they have seized the internet domain name weleakinfo.to and two related domain names, ipstress.in and ovh-booter.com, following an international investigation into websites allowing users to buy access to stolen personal information or to perform attacks on victim networks.

The announcement was made by U.S. Attorney Matthew M. Graves of the District of Columbia and Special Agent in Charge Wayne A. Jacobs of the FBI Washington Field Office’s Criminal and Cyber Division.

“Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information and sites which attack and disrupt legitimate internet businesses,” said U.S. Attorney Graves. “Cyber crime often crosses national borders. Using strong working relationships with our international law enforcement partners, we will address crimes like these that threaten privacy, security, and commerce around the globe.”

“These seizures are prime examples of the ongoing actions the FBI and our international partners are undertaking to disrupt malicious cyber activity,” said Special Agent in Charge Jacobs. “Disrupting malicious DDoS operations and dismantling websites that facilitate the theft and sale of stolen personal information is a priority for the FBI.”

The WeLeakInfo.to website had claimed to provide its users a search engine to review and obtain the personal information illegally obtained in over 10,000 data breaches containing seven billion indexed records – including, for example, names, email addresses, usernames, phone numbers, and passwords for online accounts.  The website sold subscriptions so that any user could access the results of these data breaches, with subscriptions providing unlimited searches and access during the subscription period (one day, one week, one month, three months, or lifetime).  In January 2020, the FBI and the U.S. Department of Justice also announced that they had seized the internet domain name weleakinfo.com, shutting down a similar service then provided at that site.

The ipstress.in and ovh-booter.com domains were also seized.  Those sites publicly offered to conduct “Distributed Denial of Service” attacks, or “DDoS” attacks for clients – specifically, a format called booter or stressor attacks.  DDoS attacks are a type of network attack in which multiple internet-enabled devices are used to attack computers hosting a website – usually by flooding the site with internet traffic – for the purpose of rendering it inaccessible to legitimate users or unable to communicate with the internet.

With execution of the warrant, the seized domain names – weleakinfo.to and the related domains – are now in the custody of the federal government, effectively suspending the website’s operation.  Visitors to the site will now find a seizure banner that notifies them that the domain name has been seized by federal authorities.  The U.S. District Court for the District of Columbia issued the seizure warrant.

The seizures of these domains were part of a coordinated law enforcement action with the National Police Corps of the Netherlands and the Federal Police of Belgium.  The actions executed by our international partners included the arrest of a main subject, searches of several locations, and seizures of the webserver’s infrastructure.

Any persons having information concerning weleakinfo.to or its owners and operators are encouraged to provide that information by filing a complaint (referencing #weleakinfo in the “Description of Incident” field) with the FBI’s Internet Crime Complaint Center (IC3) at https://www.ic3.gov/complaint/default.aspx.

These seizures are a part of a comprehensive law enforcement action taken by the FBI, the U.S. Attorney’s Office for the District of Columbia, and the Department of Justice’s Computer Crime and Intellectual Property Section, along with international law enforcement, including the Netherlands National Police Corps and the Belgium Federal Police.

Source: U.S. Attorney’s Office, District of Columbia

No related posts.

Category: Commentaries and AnalysesOf Note

Post navigation

← Pegasus Airlines data breach exposes 6.5TB of flight and crew data
CISA Alert (AA22-152A): Karakurt Data Extortion Group →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.