SlilPP is down after U.S law enforcement successfully conducts multinational operation to cripple the ‘largest’ online marketplace for hacked logins and passwords

SlilPP shut down FBI DoJ
SlilPP brought down. Pic credit: Nick Carter/Flickr

SlilPP, the largest online marketplace of stolen login credentials, is down. The U.S. Department of Justice (DOJ) confirmed that a multinational operation successfully destroyed the platform.

An online marketplace infamous for offering multiple stolen logins and passwords, especially belonging to U.S. citizens, was strategically destroyed by U.S. law enforcement and cybersecurity experts. Slilpp’s websites, on the clear and dark web display the “Seizure” banner.

SlilPP’s marketplace infrastructure and its domain names shuttered:

Law enforcement agencies from the United States, Germany, the Netherlands, and Romania have successfully busted the “largest” online and illegal marketplace for stolen logins. Advanced Intelligence CEO Vitali Kremez noted:

“SlilPP is the largest marketplace of compromised accounts ever seen in the criminal underground. The marketplace was responsible for major inflows of compromised data resulting in millions of dollars of illicit profits to the administrators”.

During the multinational operation, the U.S. FBI coordinated and collaborated with multiple prosecutors and investigators. Needless to mention, multiple agencies from several jurisdictions worldwide helped bring down SlilPP.

The online marketplace openly traded stolen logins, access credentials, and verified accounts to some of the biggest companies. The accounts belonged to online banking customers, mobile phones, retailers, and other similarly valuable online accounts.

SlilPP operated two websites, one of which was easily accessible on the open web. The other website was on the Dark Web. This is where the majority of the merchandise was available.

The open web website shows the typical U.S. DoJ Seizure and closure notice. Meanwhile, the onion website on the Dark Web reportedly shows an ‘invalid address’ prompt.

SlilPP wasn’t as big as ‘Silk Route’ but still had a thriving business dealing in illegally acquired logins and passwords:

Right before authorities took down the Slilpp marketplace the platform vendors were selling more than 80 million stolen login credentials. Concerningly, these were not low-level accounts.

The majority of the logins and access credentials reportedly belonged to “high-profile” users of more than 1,400 companies. Speaking about the scale of operations, Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division said:

“The SlilPP marketplace allegedly caused hundreds of millions of dollars in losses to victims worldwide, including by enabling buyers to steal the identities of American victims.”

There’s no exact account of the amount Slilpp earned through the illicit trade of stolen logins. Moreover, the true impact of such information is difficult to ascertain.

Authorities from around the world may have taken down SlilPP. However, there are quite a few platforms that offer similar services and products. The Ultimate Anonymity Services or UAS, for example, is the largest hacker marketplace for stolen RDP (Windows Remote Desktop Protocol) credentials.

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x