Stolen password-trading site Leakbase has gone offline in a move some reports have suggested was related to the takedown of infamous dark web marketplace Hansa.
The site first appeared in September 2016 and was responsible for selling billions of credentials — often taken from major breaches including those at LinkedIn and MySpace.
Although the firm tried to duck accusations of illegality as the log-ins it sold had already been breached, so-called “password trafficking” is certainly an offence in the US, according to researcher, Brian Krebs.
One of his sources claimed the takedown came following Dutch police efforts to seize the Hansa illegal drugs marketplace.
This relatively new tactic saw the police keep the site going for a while in order to catch some high profile sellers and buyers.
“According to my source, information the Dutch cops gleaned from their Hansa takeover led authorities to identify and apprehend one of the owners of Leakbase,” said Krebs in a blog post. “This information could not be confirmed, and the Dutch police have not yet responded to requests for comment.”
Leakbase responded swiftly to the suggestion, tweeting:
“The fact that we need to tweet this is disappointing in its self, non of the LeakBase operators have any connections to Hansa. The fact that this can be portrayed as near fact is astonishing as it is only a claim.”
However, it’s unclear if the site owners are merely covering their backs. Adding weight to Kreb’s theory is the fact that the site began redirecting visitors to legitimate breach notification site haveibeenpwned.
A previous note from the site on December 2 merely said “this project has been discontinued”, with a further missive posting an email address via which customers were encouraged to seek compensation.