Account Takeover Fraud , Cybercrime , Fraud Management & Cybercrime

Suspected InfinityBlack Hackers Arrested

Cybercriminals Had Access to Millions of User Credentials, Police Say
Suspected InfinityBlack Hackers Arrested

Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they’ve seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

The hacking group is suspected of selling access to "combos" - lists of usernames and passwords stolen or leaked during previous data breaches - to other cybercriminal groups, according to Europol, the European Union law enforcement agency, which collaborated on the takedown with police in Poland and Switzerland.

InfinityBlack specialized in collecting stolen or leaked loyalty rewards credentials and then selling those to "less technical criminal gangs," according to Europol. These fraudsters would then allegedly access those accounts and exchange loyalty rewards points for expensive electronic equipment, authorities say.

The InfinityBlack group appears to have operated out of Poland, and five suspected hackers were arrested there by the Polish National Police - Policja - on April 29.

In addition to the two databases, police seized electronic equipment, external hard drives and cryptocurrency wallets that were worth about €100,000 ($108,000), according to Europol.

The hacking gang included subgroups with specific jobs, according to Europol. While a group of developers created tools to test stolen data, another group checked the quality of the credentials. A third group acted as "project managers" to facilitate the sale of the data, authorities allege.

The Swiss Connection

Authorities allege that InfinityBlack targeted a "large number" of customer accounts in Switzerland.

Computer equipment seized by Polish police (Photo: Europol)

The investigation into the group started when the alleged hackers created a malicious script that targeted customer accounts in Switzerland in a successful attempt to access combinations of usernames and passwords, according to Europol.

"Although the losses are estimated at €50,000 [$54,000], hackers had access to [loyalty rewards] accounts with potential losses of more than €610,000 [$660,000]," according to Europol.

Local police were tipped off to the scheme when some of the group's hackers, as well as other fraudsters, allegedly attempted to use some of those stolen credentials and other loyalty rewards data in Swiss stores and shops, Europol says.

"Once the criminal gang cashing out the loyalty points was identified in Switzerland, police exchanged criminal intelligence and uncovered links to members of the separate hacking group in Poland," according to Europol. "Transmitting the data on searched computers between the Swiss and Polish authorities led to the arrest of the hackers in Poland."

InfinityBlack appears to have started its operations in 2018, and the group's portal appears to have closed down sometime in 2019, according to ZDNet.

Earlier this year, Europol, the U.S. Justice Department and local police closed down an online market place called WeLeakInfo.com, which also trafficked in stolen usernames and passwords as well as other personal data. The site sold access to over 12 billion personal records culled from 10,000 data breaches (see: 'WeLeakInfo' Website Shut Down).


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.