21 people have been arrested across the U.K. as part of an operation targeting customers of an online criminal marketplace that advertised stolen personal credentials.
The operation, which ran over the past five weeks, was coordinated by the National Crime Agency (NCA) and involved cybercrime teams from across the Team Cyber U.K. network.
Those targeted were customers of WeLeakInfo, a site that hosted 12 billion stolen credentials from over 10,000 data breaches before it was taken down in January 2020 following an NCA investigation.
Cyber criminals paid for access to the site in order to download personal data for use in further criminality, including cyber attacks and fraud offenses.
NCA investigators identified U.K.-based customers of WeLeakInfo and shared the intelligence with partners ahead of the coordinated period of activity launching on November 16.
Of those 21 arrested – all men aged between 18-38 – nine were detained on suspicion of Computer Misuse Act offenses, nine for Fraud offenses and three are under investigation for both.
NCA officers conducted 11 of the arrests and seized over £41,000 in bitcoin.
As well as being customers of WeLeakInfo, evidence suggests that some had also purchased other cybercrime tools such as remote access Trojans (RATs) and crypters.
Additionally, three subjects have been found to be in possession of, or involved with, indecent images of children.
A further 69 individuals in England, Wales and Northern Ireland aged between 16-40 were visited by Cyber Prevent officers, warning them of their potentially criminal activity. 60 of those were served with cease and desist notices.
Many more of these visits are due to take place over the coming months.
Paul Creffield, from the NCA’s National Cyber Crime Unit, said: “Through the identification of U.K. customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offenses.
“The NCA and U.K. law enforcement take such offences extremely seriously and they can result in huge financial loss to victims.
“We were also able to pinpoint those on the verge of breaking the law and warn them that should they continue, they could face a criminal conviction. Cyber skills are in huge demand and there are great prospects in the tech industry for those who choose to use their skills legally.
“Cyber criminals rely on the fact that people duplicate passwords on multiple sites and data breaches create the opportunity for fraudsters to exploit that.
“Password hygiene is therefore extremely important. Advice on this and guidance on how to mitigate against cyber attacks can be found on the National Cyber Security Centre’s website.”
The NCA and U.K. policing’s Cyber Choices program aims to prevent young people inadvertently slipping into cybercrime and divert them to more positive pathways in tech.