Thursday, July 16, 2015

"Darkode" Cyber Crime Forum Taken Down

The U.S. Department of Justice and the FBI, with the assistance of law enforcement authorities in 19 countries, have taken down "Darkode," an underground, password-protected online forum for buying, selling, and trading malware, botnets, stolen personally identifiable information, credit card information, hacked server credentials, and other pieces of data and software that facilitated complex cyber crimes all over the globe.

Operation Shrouded Horizon has resulted in legal charges, arrests, and searches involving 70 Darkode members and associates around the world; U.S. indictments against 12 individuals associated with the forum, including its administrator; the serving of several search warrants in the U.S.; and the Bureau’s seizure of Darkode’s domain and servers.

Access to the Darkode forum was "by invitation only," and authorities believe 200 to 300 individuals participated.

“Hackers and those who profit from stolen information use underground Internet forums to evade law enforcement and target innocent people around the world,” said Assistant Attorney General Caldwell. “This operation is a great example of what international law enforcement can accomplish when we work closely together to neutralize a global cybercrime marketplace.”

“Of the roughly 800 criminal Internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world,” said U.S. Attorney David J. Hickton. “Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable.”

Some charges announced by the FBI include:

  • Johan Anders Gudmunds, aka Mafi aka Crim aka Synthet!c, 27, of Sollebrunn, Sweden, is charged by indictment with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. He is accused of serving as the administrator of Darkode, and creating and selling malware that allowed hackers to create botnets. 
  • Morgan C. Culbertson, aka Android, 20, of Pittsburgh, is charged by criminal information with conspiring to send malicious code. He is accused of designing Dendroid, a coded malware intended to remotely access, control, and steal data from Google Android cellphones. The malware was allegedly offered for sale on Darkode.
  • Eric L. Crocker, aka Phastman, 39, of Binghamton, New York, is charged by criminal information with sending spam. He is accused of being involved in a scheme involving the use of a Facebook Spreader which infected Facebook users’ computers, turning them into bots which Crocker controlled through the use of command and control servers. Crocker sold the use of this botnet to others for the purpose of sending out massive amounts of spam.
  • Naveed Ahmed, aka Nav aka semaph0re, 27, of Tampa, Florida; Phillip R. Fleitz, aka Strife, 31, of Indianapolis; and Dewayne Watts, aka m3t4lh34d aka metal, 28, of Hernando, Florida, are each charged by criminal information with conspiring to send spam. 
  • Murtaza Saifuddin, aka rzor, 29, of Karachi, Sindh, Pakistan, is charged in an indictment with identity theft. Saifuddin is accused of attempting to transfer credit card numbers to others on Darkode.
  • Daniel Placek, aka Nocen aka Loki aka Juggernaut aka M1rr0r, 27, of Glendale, Wisconsin, is charged by criminal information with conspiracy to commit computer fraud. He is accused of creating the Darkode forum, and selling malware on Darkode designed to surreptitiously intercept and collect e-mail addresses and passwords from network communications.

https://www.fbi.gov/pittsburgh/press-releases/2015/major-computer-hacking-forum-dismantled