SSNDOB has sold millions of information records since 2012

Sep 25, 2013 08:24 GMT

The cybercriminal underground is filled with identity theft services that sell the details of Americans. One of these services has been thoroughly investigated by security expert and journalist Brian Krebs.

Ssndob.ms (SSNDOB) offers social security numbers, birth records, and credit and background reports. Prices range between $0.5 (€0.4) and $2.5 (€1.9) for each SSN record, and between $5 (€3.7) and $15 (€11) for credit and background checks.

Since it was launched in 2012, the website is said to have sold a large number of records, including 1.02 million SSNs and over 3 million date of birth records, to its roughly 1,300 customers.

Brian Krebs has been analyzing the service for the past seven months. He has determined that SSNDOB actually gets its information from the compromised systems of several major consumer and business data aggregators from the United States.

The cybercriminals are operating a small botnet that helps them gain access to the data. At least five infected systems have been identified.

Two of them are owned by LexisNexis, a company that’s said to maintain the world’s largest electronic database of legal and public-records-related information. Two hacked servers are owned by Dun & Bradstreet and one by Kroll Background America, which is now part of background-checking firm HireRight.

It appears that the cybercrooks compromised the systems of Kroll since at least June 2013. The other two companies were breached even earlier: Dun & Bradstreet in March and LexisNexis in April.

Each of the organizations has been notified and they’re working on determining the full extent of the breach. The FBI has also been called in to investigate.

After other hackers leaked the ID theft service’s databases, Krebs determined that SSNDOB had acquired information from these companies. The leaked data didn’t contain any clues to indicate the source. However, the expert came across the botnet’s web-based interface, which showed the details of the infected hosts.

Krebs continues to investigate the SSNDOB service.