The FBI in concert with Interpol and other worldwide law enforcement teams say they have taken down the international cybercriminal site marketplace Darkode and arrested 70 people involved with the site.
Darkode was an online, password-protected forum in which hackers and other cyber-criminals convened to buy, sell, trade and share malware, ransomware, information, ideas, and tools to facilitate unlawful intrusions on others’ computers and electronic devices, the FBI said.
+More on Network World: GAO: Early look at fed’s “Einstein 3” security weapon finds challenges+
Before becoming a member of Darkode, prospective members were allegedly vetted through a process in which an existing member invited a prospective member to the forum for the purpose of presenting the skills or products that he or she could bring to the group. Darkode members allegedly used each other’s skills and products to infect computers and electronic devices of victims around the world with malware and, thereby gain access to, and control over, those devices, the FBI said.
“Of the roughly 800 criminal internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world,” said U.S. Attorney David Hickton in a statement. “Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable.”
+More on Network World: DARPA’s $4M cyber-threat clash down to seven challengers+
According to the FBI, the following defendants face charges in the Western District of Pennsylvania where the take-down was announced:
- Johan Anders Gudmunds, aka Mafi aka Crim aka Synthet!c, 27, of Sollebrunn, Sweden, is charged by indictment with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. He is accused of serving as the administrator of Darkode, and creating and selling malware that allowed hackers to create botnets. Gudmunds also allegedly operated his own botnet, which at times consisted of more than 50,000 computers, and used his botnet to steal data from the users of those computers on approximately 200,000,000 occasions.
- Morgan C. Culbertson, aka Android, 20, of Pittsburgh, is charged by criminal information with conspiring to send malicious code. He is accused of designing Dendroid, a coded malware intended to remotely access, control, and steal data from Google Android cellphones. The malware was allegedly offered for sale on Darkode.
- Eric L. Crocker, aka Phastman, 39, of Binghamton, New York, is charged by criminal information with sending spam. He is accused of being involved in a scheme involving the use of a Facebook Spreader which infected Facebook users’ computers, turning them into bots which Crocker controlled through the use of command and control servers. Crocker sold the use of this botnet to others for the purpose of sending out massive amounts of spam.
- Naveed Ahmed, aka Nav aka semaph0re, 27, of Tampa, Florida; Phillip R. Fleitz, aka Strife, 31, of Indianapolis; and Dewayne Watts, aka m3t4lh34d aka metal, 28, of Hernando, Florida, are each charged by criminal information with conspiring to send spam.They are accused of participating in a sophisticated scheme to maintain a spam botnet that utilized bulletproof servers in China to exploit vulnerable routers in third world countries, and that sent millions of electronic mail messages designed to defeat the spam filters of cellular phone providers.
- Murtaza Saifuddin, aka rzor, 29, of Karachi, Sindh, Pakistan, is charged in an indictment with identity theft. Saifuddin is accused of attempting to transfer credit card numbers to others on Darkode.
- Daniel Placek, aka Nocen aka Loki aka Juggernaut aka M1rr0r, 27, of Glendale, Wisconsin, is charged by criminal information with conspiracy to commit computer fraud. He is accused of creating the Darkode forum, and selling malware on Darkode designed to surreptitiously intercept and collect email addresses and passwords from network communications.
- Matjaz Skorjanc, aka iserdo aka serdo, 28, of Maribor, Slovenia; Florencio Carro Ruiz, aka NeTK aka Netkairo, 36, of Vizcaya, Spain; and Mentor Leniqi, aka Iceman, 34, of Gurisnica, Slovenia, are each charged in a criminal complaint with racketeering conspiracy; conspiracy to commit wire fraud and bank fraud; conspiracy to commit computer fraud, access device fraud and extortion; and substantive computer fraud. Skorjanc also is accused of conspiring to organize the Darkode forum and of selling malware known as the ButterFly bot.
- Rory Stephen Guidry, aka k@exploit.im, of Opelousas, Louisiana, is charged with computer fraud. He is accused of selling botnets on Darkode.
Check out these other hot stories:
NASA algorithms keep unmanned aircraft away from commercial aviation
CIA: Julia Child and the shark repellant recipe
GAO: Early look at fed’s “Einstein 3” security weapon finds challenges
DARPA’s $4M cyber-threat clash down to seven challengers
Prototype wave energy device passes grid-connected pilot test