550/68 Friday, December 26, 2025
The Federal Bureau of Investigation (FBI) has seized the domain web3adspanels[.]org, along with its associated databases, after determining that it was being used as infrastructure to collect and manage stolen banking usernames and passwords from victims in the United States. The domain functioned as a backend web panel for cybercriminals, allowing them to store and later exploit unlawfully obtained login credentials for fraud.
According to the U.S. Department of Justice, the attackers created malicious advertisements on search platforms such as Google and Bing, impersonating legitimate bank ads. When victims clicked on these ads, they were redirected to fake websites controlled by the attackers. Once users entered their login details, the information was intercepted by malware and transmitted to the criminals’ infrastructure. The attackers then used the stolen credentials to log into real banking systems, carry out account takeovers, and steal funds from victims.
The FBI’s investigation identified at least 19 victims in the United States, including two companies in the state of Georgia, with confirmed losses totaling approximately USD 14.6 million, and attempted losses exceeding USD 28 million. The domain remained active until November 2025 and contained thousands of stolen credentials. Estonian law enforcement authorities cooperated in preserving and collecting digital evidence from the servers hosting the phishing pages and databases.
The FBI stated that seizing the domain and databases will help prevent the stolen information from being used in further criminal activity, and urged the public to remain vigilant against online scams and to carefully verify the legitimacy of websites before entering sensitive information.
