Posted on December 5, 2017 at 3:53 AM
The popular darknet marketplace for stolen data has recently shut down following a major DDoS attack and law enforcement intervention.
Leakbase, the online marketplace for buying stolen login credentials from previous data thefts recently closed down. According to some reports, the incident could perhaps be linked to the darknet marketplace, Hansa’s, take down by Dutch authorities earlier this year.
Leakbase wast established in September 2016 and boasted over two million login credentials that were taken from previous data breaches from several high-profile sites such as Dropbox, LinkedIn, and My Space.
However, some weeks ago, Leakbase users started experiencing issues in trying to contact the website’s support team. In addition, Leakbase users reported a variety of issues of the platform.
This past weekend, however, Leakbase users started ringing the alarm, as the website simply directed users to the security breach website, haveibeenpwned.com.
According to sources, the marketplace had a change in management and ownership following their damaging DDoS attack in April earlier this week. The source added that site’s new team were thought to be involved with nefarious drug-related activity linked to Hansa. The Hansa marketplace was taken down earlier this year by Dutch authorities.
After Dutch authorities seized the site, they continued to act as administrators to the website in an attempt to gather data regarding the site’s drug buyers and sellers.
The source added that following the Hansa investigation, Dutch authorities had enough information to trace the current owners of Leakbase. However, this information is not yet confirmed by the Dutch authorities.
Last week, the platform Tweeted that they would be discontinuing their website, and offered their users hopes of being refunded:
We understand many of you may have lost some time, so in an effort to offer compensation please email, firstname.lastname@example.org
Send your LeakBase username and how much time you had left.
We will have a high influx of emails so be patient, this could take a while
— LeakBase (@LeakbasePW) December 3, 2017
Earlier this year, Leakbase fell victim to a major DDoS attack. During April, a former member of the administration team re-used a password from the website’s x4b.net account. This service acted as the platform’s DDoS protection, however the former administrator used it to do away with their DDoS protection and make it vulnerable to attack.
In addition, the service x4b.net itself was hacked just before the Leakbase DDoS attack. Shortly after the attack, a hacking group known as the Money Team posted hundreds of Leakbase users’ login credentials in cleartext online.
Many have argued that platforms such as Leakbase, while questionable can’t be considered illegal. Essentially the platform is purely storing information that was already available to the public shortly after it was leaked in a previous data breach. However, several security and privacy experts disagree on the matter.
So far the Leakbase team is still to confirm or deny the widespread rumors regarding their shutdown.