Europol arrests hackers behind Infinity Black hacker group | ZDNet
May 6, 2020
Europol announced today the arrest of five Polish hackers who were part of the Infinity Black hacking group.
The group formed in late 2018 and was primarily known for operating the Infinity[.]black website, where they sold access to “collections” of user credentials.
The collections were assembled together by gathering usernames and passwords leaked during data breaches at other companies in prior years.
Sources in the threat intelligence community told ZDNet today that the hacker group also operated Discord channels, shops on the Shoppy.gg e-commerce platform, and threads on multiple hacking forums.
On these channels and forums, the group advertised the Infinity[.]black portal, but also various hacking tools and scripts to perform credential stuffing attacks using the leaked credentials.
Infinity Black also used the hacking tools themselves. They used their collections of leaked username and password combinations to gain access to other online accounts — where victims might have reused credentials.
According to a Europol press release today, the group focused on online services running loyalty programs.
The Infinity Black crew would gain access to these accounts, and then sell the accounts to other criminal gangs, who would later exchange the loyalty points from each account for expensive electronic devices.
Swiss authorities started an investigation into the group’s operations after Infinity Black gained access to a large number of accounts belonging to Swiss users, and then sold access to other online fraudsters, causing financial losses to Swiss citizens.
“Although the losses are estimated at €50,000, hackers had access to accounts with potential losses of more than €610,000,” Europol said.
“The fraudsters and hackers, among them minors and young adults, were unmasked when using the stolen data in shops in Switzerland,” the agency said.
Swiss police escalated the investigation to Europol and Eurojust, which eventually led to the arrest of five individuals in Poland, on April 30, 2020, last week.
During the arrests and house searches, Polish police said they seized electronic equipment, external hard drives, and hardware cryptocurrency wallets, all worth around €100,000.
Police authorities also seized two online platforms with databases containing over 170 million stolen user credentials. One of them is believed to be DataSense[.]pw. The original Infinity Black web portal was not among them, as the site went down last year, believed to have been discontinued by its members.
The hacking group’s leader, an individual known as Azatej, is also believed to have been arrested. Azatej’s absence was almost immediately noticed by other users on the hacking forums were Azatej used to frequent and advertise hacking tools. Other known Infinity Black members include individuals going by the nicknames of Macien, TheN3RoX, and Kay, although we can’t confirm who of these was arrested at the time of writing.