Cyber Security

Leakbase Is Reportedly Dead!

DDoS Attack bids farewell to Leakbase

DDoS attack is rapidly increasing both in terms of frequency and severity. Recently, a website known Leakbase went offline following DDoS Attack. Leakbase was an online marketplace established in September 2016 to sell stolen usernames and passwords acquired from data breaches. Some reports have linked this attack with Hansa’s take down by Dutch authorities earlier this year.

Few weeks ago, Leakbase users started to experience issues while accessing the site or contacting the support team. Soon after this incident an alarming bell started to ring as they were being re-directed to a security breach website, haveibeenpwned.com run by security researcher Troy Hunt.

According to sources, all this happened due to a connection found between both the sites by the Dutch police who raided Hansa dark web market back in July.

In April 2017, Leakbase became victim of a DDoS attack which took place due to negligence of a team member as he reused a password from the website’s x4b.net account. A service that Leakbase relied on for protecting itself from distributed denial-of-service (DDoS) attacks planned to hit the site offline.

The service x4b.net itself was hacked just before the Leakbase DDoS attack and a hacking group known as the Money Team posted hundreds of Leakbase user’s’ login credentials in cleartext online.

Soon after the DdoS attack Leakbase’s management and ownership was changed and the new owners were found selling drugs by the Dutch authorities. After the take down of Hansa they were collecting information related to Hansa’s drug buyers and sellers. During this process, they found a connection between the current owners of Leakbase and Hansa which caused Leakbase to shut down.

On Dec 2, last week the platform tweeted they will soon discontinue the website and offer refund to the users who have any unused balances stored with the site.

See Also: Cyberstalking: An Underrated Crime

After all this, many users argued that platforms such as Leakbase, can’t be considered illegal, as it is only storing the information that was already compromised and available for the public. However, several security and privacy experts disagree on the matter.

So far, the Leakbase team has not yet confirmed or denied the widespread rumors regarding their shutdown.

This clearly shows that not even sites on dark web are safe. DDoS attack can target any site and compromise it when it wants. Also, the link between two sites states that no one can go scot-free. If you are found doing anything unethical that is harmful even when done quietly will not go unnoticed. So, don’t assume DDoS can only target popular sites it can target any site.

Leave a comment