U.S. Government Seizes Online Marketplaces Used to Sell Fraudulent Identity Documents to Cybercriminals

The U.S. Attorney’s Office for the District of New Mexico announced Thursday that federal authorities have executed a court-authorized seizure of two domain names and one affiliated blog associated with VerifTools, an online marketplace peddling counterfeit driver’s licenses, passports, and other state- and country-issued identity documents. 

Operating under the banner of VerifTools since 2020, the enterprise leveraged the anonymity of cryptocurrency and underground DNS infrastructures to facilitate identity fraud on a global scale.

Key Takeaways
1. Seized VerifTools domains, blocking $6.4 M in fake-ID sales.
2. FBI used DNS sinkholing and Tor forensics.
3. US-Dutch law enforcement collaboration on identity theft and money laundering charges.

The Federal Bureau of Investigation (FBI) initiated Operation Iron Seal in August 2022 after uncovering a conspiracy to exploit stolen Personally Identifiable Information (PII) for unauthorized access to cryptocurrency accounts and illicit transfers on the blockchain. 

VerifTools advertised counterfeit digital and physical IDs for all 50 U.S. states and multiple foreign jurisdictions, accepting payments in Bitcoin (BTC) and Monero (XMR) via privacy-enhanced wallets. 

VerifTools marketplace taken down

According to court filings, the marketplace generated at least $6.4 million in illicit proceeds. Agents obtained and verified VerifTools’ backend source code through a controlled purchase of counterfeit New Mexico driver’s licenses priced at just $9 per document. 

Using cryptocurrency mixing services and Tor‐based hidden services, operators obscured transaction trails and server locations. 

FBI analysts deployed standard DNS sinkholing techniques to redirect VerifTools’ domain names to a government-controlled server, effectively neutralizing the sites and preserving evidence.

“If you build or sell tools that let offenders impersonate victims, you are part of the crime,” Acting U.S. Attorney Ryan Ellison stated, citing a seizure warrant.

Philip Russell, Acting Special Agent in Charge of the FBI’s Albuquerque Division, highlighted the technical complexity of dismantling such platforms:

“The removal of this marketplace is a major step in protecting the public from fraud and identity theft crime. We leveraged advanced cyber forensics packet capture (PCAP) analysis, deep packet inspection (DPI), and WHOIS record mapping to identify infrastructure nodes and operators.”

The sale or transfer of possession of false identification documents carries penalties of up to 15 years imprisonment. 

The Justice Department’s Office of International Affairs facilitated mutual legal assistance requests, while prosecutors consolidated charges, including Conspiracy to Commit Aggravated Identity Theft and Money Laundering.

The FBI’s Albuquerque Field Office led the technical takedown, executing covert operations to seize control of VerifTools’ DNS records and preserving forensic images of server hard drives. 

Domain registrars were served with ex parte seizure orders, and updated WHOIS entries now reflect registry status: “CONFISCATED BY THE UNITED STATES GOVERNMENT.” 

Authorities continue to pursue the remaining cybercriminal network responsible for distributing these tools worldwide.


About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.