Pierluigi Paganini December 05, 2017

LeakBase, an online service that provided paid access to leaked credentials, was shut down over the weekend, what has happened?

LeakBase, an online service that provided paid access to leaked credentials, was shut down over the weekend and started redirecting to the data breach notification website HaveIBeenPwned.

We understand many of you may have lost some time, so in an effort to offer compensation please email, [email protected]
Send your LeakBase username and how much time you had left.
We will have a high influx of emails so be patient, this could take a while

— LeakBase (@LeakbasePW) December 3, 2017

Leakbase reportedly came under new ownership in April 2017, after it was hacked. According to the anonymous source cited by Krebs, the new owners of Leakbase dabbled in dealing illicit drugs at Hansa dark web marketplace.

“The Dutch police had secretly seized Hansa and operated it for a time in order to gather more information about and ultimately arrest many of Hansa’s top drug sellers and buyers. ” continues Krebs.

“According to my source, information the Dutch cops gleaned from their Hansa takeover led authorities to identify and apprehend one of the owners of Leakbase. This information could not be confirmed, and the Dutch police have not yet responded to requests for comment.”

Leakbase denied the accusation in this tweet:

The fact that we need to tweet this is disappointing in its self, non of the LeakBase operators have any connections to Hansa.
The fact that this can be portrayed as near fact is astonishing as it is only a claim.

— LeakBase (@LeakbasePW) December 4, 2017

Regardless of whether a connection to Hansa exists, the ownership of these services could prove that their commercial activity aimed to help potential victims of data breaches and not to facilitating further crimes.

Pierluigi Paganini

(Security Affairs – Leakbase, Hansa)

[adrotate banner=”5″]

[adrotate banner=”13″]