FBI Seizes ‘SSNDOB’ ID Theft Service for Selling Personal Information of 24 Million People

SSNDOB ID Theft Service

An illegal online marketplace known as SSNDOB was commissioned under the direction of U.S. law enforcement agencies, the Justice Department announced Tuesday.

SSNDOB traded personal information such as names, dates of birth, credit card numbers and Social Security numbers of approximately 24 million individuals in the US, generating $19 million in sales revenue for the operators.

The action saw the seizure of several domains associated with the marketplace — ssndob.ws, ssndob.vip, ssndob.club and blackjob.biz — in conjunction with authorities from Cyprus and Latvia.

According to blockchain analytics company chain analysisSince April 2015, SSNDOB’s Bitcoin payment processing system has received nearly $22 million worth of Bitcoin through more than 100,000 transactions.


In addition, bitcoin transfers amounting to more than $100,000 have been unearthed between SSNDOB and Joker’s Stash, another darknet marketplace that specializes in stolen credit card information, and voluntarily closed shop in January 2021, suggesting a close relationship between the two. criminal storefronts.

“The SSNDOB administrators ran ads on criminal web forums for Marketplace’s services, provided customer support features, and regularly monitored the sites’ activities, including monitoring when buyers deposited funds into their accounts,” the DoJ said. said in a statement.

In addition, the cyber criminals allegedly used tactics to hide their true identities, including using anonymous online profiles, maintaining servers in different countries, and forcing potential buyers to use cryptocurrencies.

“Identity theft can have a devastating impact on a victim’s long-term emotional and financial health,” said Darrell Waldon, special agent in charge of IRS-CI Washington, D.C. Field Office. “The taking down of the SSNDOB website disrupted identity theft criminals and helped millions of Americans whose personal information had been compromised.”

The removal marks the continued intensification of efforts by law enforcement agencies around the world to disrupt malicious cyber activities.


Last week, Europol published the shutdown of the FluBot Android banking trojan, while the Justice Department said it seized three domains used by cybercriminals to trade stolen personal information and distributed denial-of-service (DDoS)- to facilitate attacks.

Earlier this year, the Federal Bureau of Investigation (FBI) also neutralized a modular botnet called Cyclops Blink and dismantled RaidForums, a hacking forum infamous for selling access to hacked users’ personal information.

In a related development, the US Treasury Department also sanctioned Hydra after German law enforcement disrupted the world’s largest and longest-running dark web marketplace in April 2022.