Darkode bust: Feds shutter 'cyber hornet's nest of criminal hackers'

Federal investigators have seized and shut down Darkode, the largest English-speaking malware forum in the world.

July 15, 2015

Authorities have shut down what they say was the largest English-speaking malware forum used by cybercriminals around the world: Darkode.  

The invitation-only site, which US Attorney David Hickton called “a cyber hornet's nest of criminal hackers,” served as a marketplace where cybercriminals could trade stolen data, hacking and spam tools and services, and methods for launching cyberattacks on governments and companies.

The investigation, known as Operation Shrouded Horizon, was led by the FBI and US attorney’s office in Pittsburgh and included authorities from Europol and 20 countries in Europe and Latin America as well as Israel, Nigeria, and Australia. It was the largest coordinated international law enforcement effort ever directed at an online cybercriminal forum, the Justice Department said Wednesday, but certainly not the first. Last year, another international bust took down BlackShades malware, resulting in the arrests of 97 cybercriminals from 16 countries.

Operation Shrouded Horizon came to a head on Tuesday when the website was seized and shut down. Visitors to darkode.com were greeted with logos of various law enforcement agencies from around the world and a notice saying the domain had been seized by the FBI as part of an investigation with the international agencies. 

Cybercrime expert Brian Krebs, who had infiltrated the website to study it, said Darkode “was unusual because it was a virtual crossroads for criminal hackers from a variety of languages, countries and backgrounds.” 

“For many years, some of the most accomplished cybercriminals sold their wares and services on this forum, including everything from denial-of-service attacks for hire to malicious software and stolen identities and credit cards,” Krebs said.

Darkode's advertised products included personal information for around 39,000 people from a database of Social Security identification numbers and 20 million emails and usernames. This information could be used to target people for identity theft, phishing emails, or other schemes, investigators said. 

Operation Shrouded Horizon targeted more than 70 cybercriminals in the US and other countries. Some have been charged with crimes such as wire fraud and money laundering, selling and using malware programs that could steal data from computers and cellphones, and using "bot" networks to take over computers and send spam email. The site had roughly 250-300 active members from around the world. 

This report includes material from Reuters and the Associated Press.