On Tuesday, the Justice Department announced that a group of darkweb domains, collectively known as the SSNDOB Marketplace, had been taken offline. The websites were reportedly used to sell data like individuals’ names, Social Security numbers, and birthdates—predominately targeting those in the US
About 24 million people from the US had their info listed on the sites, and more than $19 million in revenue was generated by related sales, said the Department of Justice in its press statement. A separate analysis by the blockchain data contractor, Chainalysisfound that SSNDOB had processed about $22 million in Bitcoin since April 2015.
The FBI, DOJ, and IRS collaborated with the police departments of Cyprus and Latvia to investigate SSNDOB. “I applaud the extensive work and cooperation by our domestic and international law enforcement partners in bringing a halt to this global scheme,” said Florida US Attorney, Roger Handberg, in the statement. “The theft and misuse of personal information is not only criminal but can have a catastrophic impact on individuals for years to come.”
The news comes amid an ongoing crackdown on illegal websites, and is just the latest in a series of federal website seizures. In February, another illicit destination for stolen personal data, RaidForums, was shuttered and its alleged operator was arrested.
The specific domains newly seized and shuttered by law enforcement in this most recent push are ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz. If you visit any one of those websites, you’re automatically directed either to a “this site can’t be reached,” error notice or to a page displaying the various crests of the government agencies involved in the shutdown operation and declaring “THIS DOMAIN HAS BEEN SEIZED.”
As of writing this, the administrators of the SSNDOB Marketplace sites haven’t been publicly identified or arrested. However, the Chainalysis report on SSNDOB found a connection between the marketplace and Joker’s Stash, a former stolen credit card data exchange platform.
In 2021, Joker’s Stash—at the time the darkweb’s largest site for such theft— also shuttered. That closure seemingly happened on the site operator(s)’ own accord, but followed an FBI and Interpol raid. “The two markets may have had some relationship to one another, including possibly shared ownership,” the report said.
According to the DOJ, the site runners took careful steps to keep activity across their domains anonymous and to remain hidden themselves. The administrators “employed various techniques to practice”otect their anonymity and to thwart detection of their activities, including using online monikers that were distinct from their true identities, strategically maintaining servers in various countries, and requiring buyers to use digital payment methods, such as bitcoin.”