Darkode: Feds shutdown cyber hornet’s nest of criminal hackers

Authorities have shut down what they say was the largest English-speaking malware forum used by cyber criminals around the world: Darkode.

The invitation-only site, which US Attorney David Hickton called “a cyber hornet’s nest of criminal hackers,” served as a marketplace where cyber criminals could trade stolen data, hacking and spam tools and services, and methods for launching cyber attacks on governments and companies.

US-FBI-ShadedSeal.svgThe investigation, known as Operation Shrouded Horizon, was led by the FBI and US attorney’s office in Pittsburgh and included authorities from Europol and 20 countries in Europe and Latin America as well as Israel, Nigeria, and Australia. It was the largest coordinated international law enforcement effort ever directed at an online cyber criminal forum, the Justice Department said Wednesday, but certainly not the first. Last year, another international bust took down BlackShades malware, resulting in the arrests of 97 cyber criminals from 16 countries.

Operation Shrouded Horizon came to a head on Tuesday when the website was seized and shut down. Visitors to darkode.com were greeted with logos of various law enforcement agencies from around the world and a notice saying the domain had been seized by the FBI as part of an investigation with the international agencies.

Cybercrime expert Brian Krebs, who had infiltrated the website to study it, said Darkode “was unusual because it was a virtual crossroads for criminal hackers from a variety of languages, countries and backgrounds.”

“For many years, some of the most accomplished cyber criminals sold their wares and services on this forum, including everything from denial-of-service attacks for hire to malicious software and stolen identities and credit cards,” Krebs said.

Darkode’s advertised products included personal information for around 39,000 people from a database of Social Security identification numbers and 20 million emails and usernames. This information could be used to target people for identity theft, phishing emails, or other schemes, investigators said.

Operation Shrouded Horizon targeted more than 70 cyber criminals in the US and other countries. Some have been charged with crimes such as wire fraud and money laundering, selling and using malware programs that could steal data from computers and cellphones, and using “bot” networks to take over computers and send spam email. The site had roughly 250-300 active members from around the world.