The Justice Department announced seizure of the domain web3adspanels.org and an associated database that harvested bank login credentials used in account takeover schemes. The thefts attempted roughly $28 million and caused about $14.6 million in actual losses to U.S. victims; the FBI Atlanta Field Office led the investigation with assistance from Estonian authorities.

The Department of Justice announced on December 22, 2025 that it seized the domain web3adspanels.org and an associated credential database that investigators say was used to harvest bank usernames and passwords facilitating large-scale account takeover fraud. According to the DOJ, actors used the infrastructure to host phishing pages and collect thousands of stolen credentials, enabling schemes that attempted roughly $28 million in fraudulent transactions and resulted in approximately $14.6 million in confirmed losses to U.S. victims. The operation disrupted backend systems that supported the malicious pages and preserved evidence needed for further prosecutions. The FBI Atlanta Field Office led the probe with international cooperation from Estonian authorities who assisted in tracing infrastructure and data. The announcement emphasizes cross-border investigative work and the use of seizure authorities to remove tools used by fraud networks, while offering guidance to financial institutions and consumers about protecting login credentials and reporting suspected account takeovers to law enforcement.