InfinityBlack Dismantled After Selling Millions of Credentials | Threatpost

The InfinityBlack hacking group, which is responsible for selling millions of stolen credentials, has been dismantled.

Polish and Swiss law-enforcement authorities, supported by Europol, arrested five individuals in Poland believed to be members of InfinityBlack, on April 29. According to Europol, police also seized electronic equipment, external hard drives and hardware cryptocurrency wallets worth about $108,000. And, police shut down two platforms, containing databases with more than 170 million entries.

“A number of investigation measures by specialists from the Cyber Investigation Division (DEC) of the Vaud Cantonal Police made it possible to dismantle the InfinityBlack hackers’ network, set up to exploit this data to the detriment of businesses,” according to Europol’s Tuesday announcement. “Between 30 April and 2 May 2019, five arrests were made in the canton of Vaud, Switzerland.”

According to ZDNet, InfinityBlack was formed in late 2018 and operated the infinity[.]black website. The threat group used this online platform to sell login usernames and credentials, stolen or leaked through previous data breaches, to other cybercriminals.

Europol said the group comprised of three teams: Developers who created tools to test the quality of stolen databases, testers who analyzed the data and project managers who distributed subscriptions for cryptocurrency payments. In addition to selling compromised credentials, Europol said the group is also responsible for creating malware and hacking tools, and carrying out fraud.

InfinityBlack’s main source of revenue came through collecting stolen or leaked loyalty rewards credentials. They would sell these to other hackers, who could then exchange the loyalty points to buy expensive electronic gifts.

Credit: Europol

“The hackers created a sophisticated script to gain access to a large number of Swiss customer accounts,” said Europol. “Although the losses are estimated at €50,000 [$54,000], hackers had access to accounts with potential losses of more than €610,000 [$660,000].”

The takedown started with the unmasking of several fraudsters and hackers, many of them minors and young adults, who were attempting to cash out loyalty points in shops in Switzerland. Police then exchanged criminal intelligence and uncovered links to members of the hacking group in Poland.

“Transmitting the data on searched computers between the Swiss and Polish authorities led to the arrest of the hackers in Poland,” said Europol.

Europol has worked to successfully dismantle various cybercriminal gangs over the years. Last year, the organization brought down the cybercrime network behind the GozNym malware, used to siphon $100 million out of its victims. And in December 2019, the developers behind Imminent Monitor RAT, a commodity remote-access tool RAT that allows full control of a victim’s computer, were taken down by Europol and global authorities.

Inbox security is your best defense against today’s fastest growing security threat – phishing and Business Email Compromise attacks. On May 13 at 2 p.m. ET, join Valimail security experts and Threatpost for a FREE webinar, 5 Proven Strategies to Prevent Email Compromise. Get exclusive insights and advanced takeaways on how to lockdown your inbox to fend off the latest phishing and BEC assaults. Please register here for this sponsored webinar.

Also, don’t miss our latest on-demand webinar from DivvyCloud and Threatpost, A Practical Guide to Securing the Cloud in the Face of Crisis, with critical, advanced takeaways on how to avoid cloud disruption and chaos.