Since the shutdown, only law enforcement banners can be seen on Weleakinfo.com
A hacker who appeared under pseudonyms such as "0rbit" and "g0d" stole personal information from 993 politicians and other prominent personalities and publicly advertised the leaks.
Politicians like Andrea Nahles (SPD) or Julia Klöckner (CDU), journalists like NDR presenter Christian Ehring and network celebrities like YouTuber Unge were affected.
The services of the Weleakinfo.com website have obviously helped "0rbit".
Twelve billion data records with access data for third-party online accounts could be accessed via them - for a subscription price of just two euros per day.
The site played an "important role" in the attacks by "0rbit," said public prosecutor Julia Bussweiler from the Central Office for Combating Internet Crime (ZIT) in response to a request from SPIEGEL.
The vast majority of the hacked accounts were attacked using the information from Weleakinfo.
That came out during the interrogations, said Bussweiler.
The ZIT, located at the Frankfurt Public Prosecutor's Office, had conducted the investigation into the "0rbit" case.
The 22-year-old Johannes S. is said to be behind "0rbit".
For many of the acts that he is accused of, he is said to have been a minor and lived with his parents.
He is said to have made some of the private data public at the end of 2018 via an "Advent calendar", a little later that made headlines across Germany as the "Doxing case".
FBI has the operator of the password platform arrested
Weleakinfo was shut down in January 2020 by an international investigation led by the FBI.
Previously, the platform published passwords, email addresses and other personal log-in information on a large scale.
According to its own information, it collected data from around ten thousand leaks.
With the data from the site, hackers could then very easily log into private email accounts, social media accounts or accounts with other web services.
According to the US Department of Justice, the site worked like a search engine to obtain credentials to access personal information.
The site was operated from the Netherlands and Northern Ireland.
At least that is what the investigative authorities of the two countries believe, who arrested a 22-year-old from Arnhem in the Netherlands on January 15, 2020 and a 23-year-old from Fintona, Northern Ireland.
A few hours after the arrest, the FBI took over the Weleakinfo domain and placed its own banner on the site, which can still be seen there today.
According to the National Crime Agency (NCA) in the UK, the two suspects are said to have earned more than £ 200,000 using the platform.
The German Federal Criminal Police Office (BKA) was also involved in the shutdown.
Since 2019, the BKA has also been investigating the site's operators, as a spokeswoman for SPIEGEL confirmed.
One of the servers operated by Weleakinfo is said to have been located in Germany.
Stealing and falsifying data, attempted extortion
For the trial against Johannes S. only two dates are initially set.
It had already become known that S. is said to have made a confession.
If the court considers S.'s guilt to be proven, the decisive factor for the amount of a penalty is whether and to what extent juvenile criminal law is applied.
The public prosecutor's office accuses S., among other things, of stealing data, spying on and changing data, falsifying data relevant to evidence, attempted extortion and violating the Federal Data Protection Act.
According to the indictment, S. is said to have tried to blackmail MPs by threatening to publish data.
He is also alleged to have faked impending rampages and bombings.
The negotiation takes place in camera.
How to protect yourself against data leaks
The model of platforms like Weleakinfo is also so attractive for criminals because people often use the same password for several pages.
To protect yourself from hacker attacks, you should use separate passwords or passphrases for each service.
This can be ensured particularly easily with password managers.
These programs also ensure that passwords are long enough and consist of a random combination of letters and numbers.
So-called two-factor authentication also offers additional security against hacker attacks.
It can ensure that hackers cannot access an account even if they have the password.
(Learn how to set up the feature here.)
You should also make sure that you no longer use passwords that have already emerged in a data breach.
You can test this yourself by entering your email address, which you use to log in, on a test page of the Hasso Plattner Institute.
The "Have I been Pawned" page from the renowned security researcher Troy Hunt offers a comparable service.
Icon: The mirror