Jump to content
Sign in to follow this  

Malware And Hacking Forum Darkode Is Shut Down; Dozens Arrested

Recommended Posts

Malware And Hacking Forum Darkode Is Shut Down; Dozens Arrested


The Darkode malware forum was replaced by an image announcing its seizure by authorities Wednesday.

Justice Department

Announcing an international takedown of a malware marketplace, federal officials say that the forum called Darkode has been dismantled and dozens of its members have been arrested. Darkode has been a marketplace to purchase and trade hacking tools since at least 2008.

Investigators say that while the forum's existence was widely known, they hadn't been able to penetrate it until recently. Darkode operated under password protections and required referrals to join. On Wednesday, the site consisted of an image saying that it had been seized by authorities.

Announcing the crackdown Wednesday, the FBI and other officials say that it includes arrests in 20 countries and indictments for 70 individuals, including 12 in the U.S., from Wisconsin to Louisiana.

"The FBI has effectively smashed the hornets' nest," said U.S. Attorney David J. Hickton, "and we are in the process of rounding up and charging the hornets."

Hickton called Darkode one of the greatest threats to online security, mentioning one forum member who put up software (for a price of $65,000) that can take over cellphones. In another case, he said, a user offered the ability to steal and sell lists of friends on Facebook.

And the marketplace was sophisticated enough, Hickton said, that members could either "subscribe" to such hacking tools or buy them outright.

Those indicted include Johan Anders Gudmunds, identified by federal documents as an administrator of Darkode who created a large botnet of hacked computers that stole private information "on approximately 200,000,000 occasions."

John Lynch, chief of the criminal division's Computer Crime and Intellectual Property Section, called Darkode "a self-contained market" with sophisticated relationships in which participants used their connections to maximize the amount of money and damage they could extract.

The arrests come after a two-year FBI undercover operation that infiltrated the forum, said FBI Special Agent in Charge Scott S. Smith. Wednesday's announcement reflects work in countries that range from Brazil and Costa Rica to Latvia and Macedonia, the Justice Department says.

The Pittsburgh Post-Gazette explains how the investigation started:

"Following a lead generated in Pittsburgh around 18 months ago, the FBI cybersquad here launched Operation Shrouded Horizon. The bureau's local office assembled a coalition that started domestically with the bureau's offices in Washington, D.C., San Diego, New Orleans and San Francisco, and extended to online enforcement teams in 20 countries, including numerous European countries, Israel, Australia, Colombia, Brazil and Nigeria."

Federal officials say the investigation into Darkode is continuing.

Here are the defendants who are facing charges in the U.S., from the Justice Department news release:

  • Johan Anders Gudmunds, aka Mafi aka Crim aka Synthet!c, 27, of Sollebrunn, Sweden, is charged by indictment with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. He is accused of serving as the administrator of Darkode, and creating and selling malware that allowed hackers to create botnets. Gudmunds also allegedly operated his own botnet, which at times consisted of more than 50,000 computers, and used his botnet to steal data from the users of those computers on approximately 200,000,000 occasions.
  • Morgan C. Culbertson, aka Android, 20, of Pittsburgh, is charged by criminal information with conspiring to send malicious code. He is accused of designing Dendroid, a coded malware intended to remotely access, control, and steal data from Google Android cellphones. The malware was allegedly offered for sale on Darkode.
  • Eric L. Crocker, aka Phastman, 39, of Binghamton, N.Y., is charged by criminal information with sending spam. He is accused of being involved in a scheme involving the use of a Facebook Spreader that infected Facebook users' computers, turning them into bots that Crocker controlled through the use of command and control servers. Crocker sold the use of this botnet to others for the purpose of sending out massive amounts of spam.
  • Naveed Ahmed, aka Nav aka semaph0re, 27, of Tampa, Fla.; Phillip R. Fleitz, aka Strife, 31, of Indianapolis; and Dewayne Watts, aka m3t4lh34d aka metal, 28, of Hernando, Fla., are each charged by criminal information with conspiring to send spam. They are accused of participating in a sophisticated scheme to maintain a spam botnet that utilized bulletproof servers in China to exploit vulnerable routers in third world countries, and that sent millions of electronic mail messages designed to defeat the spam filters of cellular phone providers.
  • Murtaza Saifuddin, aka rzor, 29, of Karachi, Sindh, Pakistan, is charged in an indictment with identity theft. Saifuddin is accused of attempting to transfer credit card numbers to others on Darkode.
  • Daniel Placek, aka Nocen aka Loki aka Juggernaut aka M1rr0r, 27, of Glendale, Wis., is charged by criminal information with conspiracy to commit computer fraud. He is accused of creating the Darkode forum, and selling malware on Darkode designed to surreptitiously intercept and collect email addresses and passwords from network communications.
  • Matjaz Skorjanc, aka iserdo aka serdo, 28, of Maribor, Slovenia; Florencio Carro Ruiz, aka NeTK aka Netkairo, 36, of Vizcaya, Spain; and Mentor Leniqi, aka Iceman, 34, of Gurisnica, Slovenia, are each charged in a criminal complaint with racketeering conspiracy; conspiracy to commit wire fraud and bank fraud; conspiracy to commit computer fraud, access device fraud, and extortion; and substantive computer fraud. Skorjanc also is accused of conspiring to organize the Darkode forum and of selling malware known as the ButterFly bot.
  • Rory Stephen Guidry, aka k@exploit.im, of Opelousas, La., is charged with computer fraud. He is accused of selling botnets on Darkode.
  • In a related case, Aleksandr Andreevich Panin, aka Gribodemon, 26, of Tver, Russia; and Hamza Bendelladj, aka Bx1, 27, of Tizi Ouzou, Algeria, pleaded guilty on Jan. 28, 2014, and June 26, 2015, respectively, in the Northern District of Georgia in connection with developing, distributing and controlling SpyEye, a malicious banking trojan designed to steal unsuspecting victims' financial and personally identifiable information. Bendelladj and Panin advertised SpyEye to other members on Darkode. One of the servers used by Bendelladj to control SpyEye contained evidence of malware that was designed to steal information from approximately 253 unique financial institutions around the world. Panin and Bendelladj will be sentenced at a later date.

Sursa: Malware And Hacking Forum Darkode Is Shut Down; Dozens Arrested : The Two-Way : NPR

Share this post

Link to post
Share on other sites

Iar acum or sa fie aresta?i ?i useri forumului, ma intreb cati useri o sa dispara de pe rst.

Edited by fan_em

Share this post

Link to post
Share on other sites

Completare :

Procurorii DIICOT si ofiteri de politie judiciara, precum si ofiteri din cadrul National Crime Agency din Marea Britanie au efectuat 16 perchezitii domiciliare in Capitala si judetele Timisoara, Iasi, Craiova, Drobeta Turnu Severin, Oradea si in municipiul Fagaras, in cadrul unei actiuni de destructurare a unei grupari specializate in infractiuni din domeniul criminalitatii informatice, informeaza Agerpres. De asemenea, au fost efectuate descinderi simultane la domiciliile a aproximativ 50 de membri ai gruparii din 15 state, sincronizate si coordonate de catre FBI si Europol.

Potrivit unui comunicat al DIICOT, in cauza s-a dispus inceperea urmaririi penale impotriva a 12 persoane, pentru savarsirea infractiunilor de constituire a unui grup infractional organizat, alterarea integritatii datelor informatice, operatiuni ilegale cu dispozitive si programe informatice, acces ilegal la un sistem informatic, fals informatic, frauda informatica, efectuarea de operatiuni financiare in mod fraudulos si spalare de bani.

In primavara anului 2013, autoritatile judiciare romane s-au sesizat cu privire la existenta mai multor utilizatori care activeaza pe forumul online darkode.com/ darkode.me, specializat in activitati din sfera criminalitatii informatice.

Pe forum au fost identificati, pana in prezent, 12 cetateni romani care si-au creat conturi de utilizator, prin intermediul carora au comunicat intre ei, au comercializat date confidentiale, precum cele apartinand unor instrumente de plata electronica, si au coordonat modalitati specifice de executare a unor atacuri informatice asupra unor sisteme informatice.

Anchetatorii au informatii ca suspectii ar fi initiat si executat atacuri informatice impotriva unor servere care gazduiau diverse site-uri pe internet, precum si atacuri de tip phishing impotriva clientilor unor platforme financiare online.

Cu privire la un suspect din dosar s-a actionat in cadrul unei echipe comune de ancheta cu autoritatile judiciare din Marea Britanie, Finlanda si Slovenia constituite cu sprijinul EUROJUST si Europol.

Marti, procurorii DIICOT au retinut doi inculpati, S.G. si R. R. I., iar alte doua persoane sunt cercetate sub control judiciar, pentru savarsirea infractiunilor de fals informatic, operatiuni ilegale cu dispozitive si programe informatice, efectuarea de operatiuni financiare in mod fraudulos, acces ilegal la un sistem informatic, constituirea unui grup infractional organizat.

Procurorii sustin ca, in perioada 2013-2014, inculpatul R.R.I. s-a implicat alaturi de alti suspecti cercetati in prezenta cauza in lansarea mai multor atacuri de tip "phishing" impotriva utilizatorilor legitimi ai unei platforme/serviciu online de plati si totodata impotriva clientilor unei banci situate pe teritoriul Germaniei, in scopul obtinerii de date confidentiale aferente conturilor personale, date susceptibil a fi utilizate ulterior in cadrul altor activitati infractionale cu specific informatic.

Totodata, pe parcursul anului 2014, inculpatul S.G a achizitionat, prin intermediul internetului, de la mai multe persoane, date confidentiale aferente unor carduri bancare, de regula carduri de credit emise de institutii financiare din SUA si Anglia, transferand fara drept sume de bani catre mai multe persoane atat din SUA, cat si din Marea Britanie, care foloseau acte de identitate false pentru a ridica sumele de bani transferate.

Cu ocazia perchezitiilor efectuate au fost gasite si ridicate sistemele informatice utilizate in activitatea infractionala.

La actiune au participat politisti din cadrul DCCO - Serviciul de Combatere a Criminalitatii Informatice si din cadrul BCCO Bucuresti, Timisoara, Iasi, Craiova, Oradea si Brasov, ofiteri din cadrul National Crime Agency din Marea Britanie, precum si echipe de interventie din cadrul Jandarmeriei Romane.

Suportul tehnic si informativ a fost asigurat de catre Serviciul Roman de Informatii si Directia Operatiuni Speciale din IGPR.


You must be logged in to see the content.

Share this post

Link to post
Share on other sites

In maxim 3-4 ani, vor inchide toate forumurile astea mari de c@3$%ng, ATN, HF, etc, si nu doar, vor fii inchise si forumuri de hacking, care nu se ocupa cu c@3$%ng, e de ajuns sa postezi baze de date de la site-uri mari, deface-uri, conturi sparte etc, pana cand li se va pune pe pl si vor inchide tot ce tine de ''hacking'' piraterie, etc.

Vom ajunge sa folosim internetul doar pentru a dat ''laicuri'' pe facebook.

Share this post

Link to post
Share on other sites

Neah, e ca si cum spui ca opresti prostitutia si hotia... O sa apara altcineva care o sa faca alt forum or whatever si tot asa...

Share this post

Link to post
Share on other sites

Citisem si eu ziarele.Unele totusi spun ca Aerosol a dat deface ca nu au vrut aia sa ii dea VIP,plm daca stiu ce sa mai cred.

Edited by quadxenon

Share this post

Link to post
Share on other sites

Gresit, una e sa spargi si sa furi, sa faci frauda, si alta e sa faci prostitutie, prostituatele nu fura, ci platesc cu fundul pentru acei $.

Cui ii mai arde sa deschida alte forumuri, cand pe zi ce trece tot mai multe site-uri sunt inchise, toti mai multi utilizatori sunt inchisi? Cine isi risca libertatea, cine isi distruge familia pentru un rahat de forum?

Prea mult se fura, prea multi copii care se cred zmei si dau cu haji-ul in stanga si-n dreapta, si normal ca li se pune pe pl si la garda. Prostia omului, cand faci ceva si iti iese niste banuti, nu te opresti acolo, continui sa faci, si asa ajungi sa sugi pl, pentru ca nu stii sa te limitezi.

Oricum, parerea mea e ca majoritatea site-urilor care se ocupa cu piraterie / c@r$#%g, si alte rahaturi ilegale, for fii inchise in maxim cativa ani, iar utilizatorii nu vor mai avea curaj nici macar sa mai descarce o melodie de pe nte de frica, asa vom ajunge

Edited by Nonse

Share this post

Link to post
Share on other sites
Sa'mi trag una! grav de tot! Urmeaza, Exploit.in !

Nu inteleg, stii ce era pe darkode sau de ce esti asa de trist?

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this