Authorities seize SlilPP, a marketplace for stolen login credentials

The US Department of Justice announced today it seized the servers and domains of SlilPP, a well-known online marketplace where criminal groups assembled to trade stolen login credentials.

Before it was taken down today in a joint operation by law enforcement agencies from the US, Germany, the Netherlands, and Romania, SlilPP operated across multiple domains on the public internet and the dark web.

The portal had been live since 2012 and allowed anyone to register an account and then start buying or selling hijacked accounts.

Slilpp
Image: The Record

In a press release today, the DOJ said that across its nine-year history, the SlilPP portal hosted login credentials for more than 1,400 companies.

According to a Recorded Future intelligence card, the site’s users often sold login credentials for accounts at PayPal, Wells Fargo, SunTrust, Amazon, Verizon Wireless, Xfinity, Walmart, but also credit cards from various banks.

“According to the affidavit, a fraction of the victimized account providers have calculated losses so far; based on limited existing victim reports, the stolen login credentials sold over Slilpp have been used to cause over $200 million in losses in the United States,” the DOJ said today.

“The department will not tolerate an underground economy for stolen identities, and we will continue to collaborate with our law enforcement partners worldwide to disrupt criminal marketplaces wherever they are located,” said Acting Assistant Attorney General Nicholas McQuaid of the Justice Department’s Criminal Division.

Roman Y. Sannikov, Director of Cybercrime and Underground Intelligence at Recorded Future, described SlilPP as the “grandfather of all marketplaces.”

The portal marks the third online cybercrime marketplace specialized in selling login credentials that authorities took down in recent years after xDedic and Deer.io. xDedic sold RDP (remote desktop protocol) logins while Deer.io served as a Shopify-like platform for hosting shops for criminal groups.

Currently, the SlilPP homepage shows a typical DOJ & FBI seizure banner.

iprc_seized_banner
Image: The Record


Source: Recorded Future

Leave a Reply