The U.S. government has seized the domain web3adspanels.org along with its database after uncovering its role in a large-scale bank account takeover operation.
The domain was used by cybercriminals to store stolen online banking login details collected from phishing attacks.
According to investigators, the criminals ran fake advertisements on Google and Bing that appeared in search results. These ads redirected users to counterfeit banking websites designed to look like real ones. When victims entered their login information, the data was secretly captured and sent to a backend server hosted on the seized domain.
Authorities estimate that confirmed financial losses from the scheme reached around $14.6 million. However, the FBI believes that the total amount of money criminals attempted to steal was much higher, close to $28 million. At least 19 victims across the United States have been identified so far, including two businesses located in Georgia.
The Department of Justice stated that the seized server contained thousands of stolen banking credentials, including those linked to the confirmed victims. Investigators also confirmed that the backend system remained active until as recently as November, showing the operation was ongoing for a long period.
The domain seizure was carried out with support from Estonian law enforcement and other international partners. Visitors to the domain now see a banner indicating it is under the control of law enforcement authorities.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
No arrests have been announced yet, but officials say the investigation is still active and could lead to the identification of those behind the operation.
