Law enforcement agencies have completed an international operation, as a result of which control over the website and domains of the underground marketplace WT1SHOP was seized. This marketplace sold stolen bank cards, documents, and millions of credentials.
WT1SHOP was one of the largest marketplaces for trading credentials and personal data, and criminals often scooped logins and passwords for hacking accounts, bank cards from which they later made purchases, as well as identity cards necessary for various frauds, including complete identity theft. As a rule, WT1SHOP was advertised on Russian-language hacker forums and subreddits dedicated to fraud and cybercrime.
“WT1SHOP served primarily carders and scammers involved in capturing other people’s accounts, and offered its services to many criminal communities,” says Vitaly Kremez, head of AdvIntel.
As the US Department of Justice has now reported, the Portuguese authorities seized the WT1SHOP website, and US law enforcement officers confiscated four marketplace domains: wt1shop.net, wt1store.cc, wt1store.com and wt1store.net. Other domains used by WT1SHOP (wt1store.biz, wt1store.me, wt1store.xyz and wt1store.org) do not appear to have been affected, but since the site has been taken over by the authorities, visiting any of these addresses will no longer grant access to the marketplace .
The Maryland District Attorney’s office and the FBI say the site traded the personal information of millions of users, including stolen credentials, bank account information, bank cards, and scans of identification documents, including passports and driver’s licenses.
“A law enforcement review of WT1SHOP in December 2021 showed that the number of users and merchants on the site was 106,273 users and 94 merchants. At the same time, about 5.85 million credentials were available for sale,” law enforcement officers say.
According to the Dutch police, there are still From July to June 2020, sales through WT1SHOP were estimated at $4 million in bitcoins.
The US Department of Justice said in a statement that bitcoin payments, email addresses and accounts of WT1SHOP administrators were traced back to 36-year-old citizen of the Republic of Moldova Nikolai Kolesnikov. The authorities believe that it is Kolesnikov who is the administrator of the now closed marketplace, and now he is accused in absentia of collusion and trading in unauthorized access devices. If arrested and found guilty, he faces up to 10 years in prison.