justice.gov District of New Mexico | U.S. Government Seizes Online Marketplaces Selling Fraudulent Identity Documents Used in Cybercrime Schemes | United States Department of Justice
Thursday, August 28, 2025

The operators of VerifTools produced and sold counterfeit driver’s licenses, passports, and other identification documents that could be used to bypass identity verification systems and gain unauthorized access to online accounts.

ALBUQUERQUE – The U.S. Attorney’s Office for the District of New Mexico announced today the seizure of two marketplace domains and one blog used to sell fraudulent identity documents to cybercriminals worldwide. The operators of VerifTools produced and sold counterfeit driver’s licenses, passports, and other identification documents that could be used to bypass identity verification systems and gain unauthorized access to online accounts.

The Federal Bureau of Investigation (FBI) began investigating in August 2022 after discovering a conspiracy to use stolen identity information to access cryptocurrency accounts. The investigation revealed that VerifTools offered counterfeit identification documents for all 50 U.S. states and multiple foreign countries for as little as nine dollars, payable in cryptocurrency.

The FBI used the VerifTools marketplace to generate and purchase counterfeit New Mexico driver’s licenses, which were paid for with cryptocurrency. The FBI has identified the equivalent of approximately $6.4 million of illicit proceeds linked to the VerifTools marketplace. The following counterfeit documents are an example of New Mexico driver’s licenses obtained from VerifTools.

“The internet is not a refuge for criminals. If you build or sell tools that let offenders impersonate victims, you are part of the crime,” said Acting U.S. Attorney Ryan Ellison. “We will use every lawful tool to disrupt your business, take the profit out of it, and bring you to justice. No one operation is bigger than us together. With our partners at every level of law enforcement we will protect New Mexicans and defend those who stand up for our community.”

"The removal of this marketplace is a major step in protecting the public from fraud and identity theft crime," said Philip Russell, Acting Special Agent in Charge of the FBI Albuquerque Division. "Together with our partners, we will continue to target and dismantle the platforms that criminals depend on, no matter where they operate."

Acting U.S. Attorney Ryan Ellison and Acting Special Agent in Charge Philip Russell of the FBI’s Albuquerque Field Office made the announcement today.

The FBI’s Albuquerque Field Office investigated this case. The Justice Department’s Office of International Affairs provided valuable assistance.

The Justice Department collaborated closely with investigators and prosecutors from multiple jurisdictions in this investigation, including the District of New Mexico, Eastern District of Virginia, the Dutch National Police and the Netherlands Public Prosecution Service.

scmp.com - The new virtual ID scheme has been in the beta stage since a draft regulation was launched in July last year.

China has officially introduced a controversial national cyber ID system, despite concerns from some experts and netizens over privacy and censorship.

The system aims to “protect the security of citizens’ identity information”, according to regulations that went into effect on Tuesday, backed by the Ministry of Public Security, the Cyberspace Administration of China, and four other authorities.

The app, whose beta version was launched last year, issues an encrypted virtual ID composed of random letters and digits so the person’s real name and ID number are not given to websites when verifying accounts. So far, it is not-mandatory for internet users to apply for the cyber ID.

Starting in 2017, Beijing started ordering online platforms to adopt real-name registration for applications such as instant messaging, microblogs, online forums and other websites that ask netizens to submit their ID numbers. Separately, official ID has been required to register a mobile phone number in China since 2010.

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

The notorious hacker USDoD, who is best known for high-profile data leaks, appears to be a man from Brazil, according to investigations conducted by CrowdStrike and others.

Over the past few years, USDoD, aka EquationCorp, has leaked vast amounts of information stolen from major organizations. His targets include the FBI’s InfraGard portal, Airbus, credit reporting firm TransUnion, background checking service National Public Data (NPD), and many others.

As social networks and porn sites move towards a verified identity model, the actions of one cybersecurity researcher show that ID verification services themselves could get hacked too.

A handful cryptographers were asked for feedback on the architecture of the European Identity Wallet (the Architecture Reference Framwork (ARF), currently at version 1.4.0). We seized the opportunity to write a short report to urge Europe to reconsider the design, and to base it on the use of anonymous (aka attribute-based) credentials.

Anonymous credentials were designed specifically to achieve authentication and identification that are both secure and privacy-preserving. As a result, they fully meet the requirements put forth in the eiDAS 2.0 regulation. (The current design does not.) Moreover, they are by now a mature technology. In particular we recommend to use the BBS family of anonymous credentials, which are efficient and mathematically proven secure.

Over 130 organizations have been compromised in a sophisticated attack using simple phishing kits