Darkode hacking forum forced offline
- Published
Darkode - a notorious hacking forum used by Lizard Squad and other cybercriminals - has been shut down after an investigation carried out by authorities in 20 countries.
"We have dismantled a cyber-hornets' nest... which was believed by many, including the hackers themselves, to be impenetrable," said one of the US state attorneys involved, external.
Twenty-eight people have been arrested.
They include a 26-year-old man from Coventry, England.
In addition, the UK's National Crime Agency said an address, external in Paisley, Scotland, had been searched and material removed for examination. It said that five other suspected members of the site had previously been arrested.
The FBI added that dozens of other people linked to the site had been charged or had their property searched as part of the inquiry.
Restricted access
Darkode's members allegedly used the site to trade and to share hacking tools and information, including details of zero-day attacks - techniques that exploited flaws in products that neither their creators nor the wider security industry were aware of, and thus could not be protected against.
This information was password-protected.
"Only those proposed for membership by an existing user could join, but not until they posted a resume of the skills and achievements that could contribute to the criminal community," explained the NCA.
"There was a hierarchical membership structure, and the status of users determined who they could communicate with, and their access to the commodities and services on offer."
Although the site was not accessible to the general public, it was profiled extensively by the security blogger Brian Krebs, external, who posted several screenshots on his site.
"Most of the cybercrime forums are in Russian or some other language that's not English, but this was an English-language forum," he told the BBC.
"And it was a sort of meeting ground for cybercriminals from different nationalities and languages.
"A fairly significant number of people were selling botnet services there, and there were also services for deploying malware and phishing."
He added that the forum's visitors included members of Lizard Squad - a group of hackers which has carried out high-profile attacks on Sony, Microsoft and others.
"The guy that was most recently the admin of the forum used the nickname Sp3c," Mr Krebs recalled.
"He was a leading member of the Lizard Squad. What's interesting is that you don't see his name in the lists of those that were apprehended or charged as part of this.
"I don't really know what that means, but there was a definite connection between the Lizard Squad and this forum, at least in the last year or so."
The FBI said that Operation Shrouded Horizon had indicated up to 300 people had used the forum.
"During the investigation, the bureau focused primarily on the Darkode members responsible for developing, distributing, facilitating and supporting the most egregious and complex cybercriminal schemes targeting victims and financial systems," it said.
It added that its counterparts in Australia, Bosnia, Brazil, Israel, Colombia and Nigeria were among those involved in the international crackdown, and that efforts to trace other suspects were "ongoing".
- Published14 July 2015
- Published8 July 2015
- Published6 July 2015