US dismantled and seized SSNDOB cybercrime marketplace

An international operation led by the US authorities dismantled and seized the infrastructure of the online marketplace SSNDOB.

US DoJ announced the seizure of the SSNDOB Marketplace, a series of websites offering personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States. According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue.

The international operation was conducted by the FBI, the Internal Revenue Service, and the Department of Justice, along with the Cyprus Police.

On June 7, 2022, seizure orders allowed to seize four domains used by the operators of the SSNDOB Marketplace (ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz), shutting down the website’s operation.

“The SSNDOB administrators created advertisements on darkweb criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts.” reads the press release published by DoJ. “The administrators also employed various techniques to protect their anonymity and to thwart detection of their activities, including using online monikers that were distinct from their true identities, strategically maintaining servers in various countries, and requiring buyers to use digital payment methods, such as bitcoin.”

Blockchain analysis firm Chainalysis published an interesting report on the SSNDOB’s cryptocurrency transaction history, revealing connections to the popular Joker’s Stash carding website.

The experts reported that the SSNDOB’s Bitcoin payment processing system has been active since April 2015. Since then, the service has received nearly $22 million worth of Bitcoin across over 100,000 transactions. The average transaction was roughly $220, but experts noticed some largest transfers that reached as more than $100,000 worth of Bitcoin. 

“Most funds sent to SSNDOB have come from centralized and P2P cryptocurrency exchanges, as well as other services. Interestingly, roughly 10% of funds sent to SSNDOB have come from cryptocurrency ATMs, a higher proportion than we typically see for most services, including darknet markets and other illicit providers.” states Chainalysis.

“Between December 2018 and June 2019, SSNDOB sent over $100,000 worth of Bitcoin to Joker’s Stash, suggesting the two markets may have had some relationship to one another, including possibly shared ownership.”

The seizure is another important blow to the illegal activities online.

“These seizures demonstrate the FBI’s strong working relationship with our international partners in disrupting malicious cyber activity,” said FBI Tampa Special Agent in Charge David Walker. “Dismantling illicit marketplaces that threaten the privacy and security of the American public is a priority of the FBI.”

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SSNDOB Marketplace)

[adrotate banner=”5″]

[adrotate banner=”13″]