Suspected InfinityBlack Hackers Arrested
Cybercriminals Had Access to Millions of User Credentials, Police Say
Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they’ve seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.
The hacking group is suspected of selling access to "combos" - lists of usernames and passwords stolen or leaked during previous data breaches - to other cybercriminal groups, according to Europol, the European Union law enforcement agency, which collaborated on the takedown with police in Poland and Switzerland.
InfinityBlack specialized in collecting stolen or leaked loyalty rewards credentials and then selling those to "less technical criminal gangs," according to Europol. These fraudsters would then allegedly access those accounts and exchange loyalty rewards points for expensive electronic equipment, authorities say.
The InfinityBlack group appears to have operated out of Poland, and five suspected hackers were arrested there by the Polish National Police - Policja - on April 29.
In addition to the two databases, police seized electronic equipment, external hard drives and cryptocurrency wallets that were worth about €100,000 ($108,000), according to Europol.
The hacking gang included subgroups with specific jobs, according to Europol. While a group of developers created tools to test stolen data, another group checked the quality of the credentials. A third group acted as "project managers" to facilitate the sale of the data, authorities allege.
The Swiss Connection
Authorities allege that InfinityBlack targeted a "large number" of customer accounts in Switzerland.
The investigation into the group started when the alleged hackers created a malicious script that targeted customer accounts in Switzerland in a successful attempt to access combinations of usernames and passwords, according to Europol.
"Although the losses are estimated at €50,000 [$54,000], hackers had access to [loyalty rewards] accounts with potential losses of more than €610,000 [$660,000]," according to Europol.
Local police were tipped off to the scheme when some of the group's hackers, as well as other fraudsters, allegedly attempted to use some of those stolen credentials and other loyalty rewards data in Swiss stores and shops, Europol says.
"Once the criminal gang cashing out the loyalty points was identified in Switzerland, police exchanged criminal intelligence and uncovered links to members of the separate hacking group in Poland," according to Europol. "Transmitting the data on searched computers between the Swiss and Polish authorities led to the arrest of the hackers in Poland."
InfinityBlack appears to have started its operations in 2018, and the group's portal appears to have closed down sometime in 2019, according to ZDNet.
Earlier this year, Europol, the U.S. Justice Department and local police closed down an online marketplace called WeLeakInfo.com, which also trafficked in stolen usernames and passwords as well as other personal data. The site sold access to over 12 billion personal records culled from 10,000 data breaches (see: 'WeLeakInfo' Website Shut Down).