The U.S. Justice Department recently announced that the hacking forum Darkode has been "dismantled," and that charges have been filed against 12 people associated with the forum.
The charges are the result of a coordinated effort between law enforcement authorities in Australia, Bosnia and Herzegovina, Brazil, Canada, Colombia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, the United Kingdom and the United States.
The Pittsburgh Post-Gazette reports that the FBI got an undercover agent into the referral-only forum in 2010. The FBI probe intensified about a year and a half ago, and was named Operation Shrouded Horizon.
"Of the roughly 800 criminal Internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world," U.S. Attorney David J. Hickton said in a statement.
"Through this operation, we have dismantled a cyber hornets' nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable," Hickton added.
The defendants include Morgan C. Culbertson, a.k.a. Android, 20, of Pittsburgh, Pennsylvania; Johan Anders Gudmunds, a.k.a. Mafi a.k.a. Crim a.k.a. Synthet!c, 27, of Sollebrunn, Sweden; Eric L. Crocker, a.k.a. Phastman, 29, of Binghamton, New York; Naveed Ahmed, a.k.a. Nav a.k.a. semaph0re, 27, of Tampa, Florida; Phillip R. Fleitz, a.k.a. Strife, 31, of Indianapolis, Indiana; Dewayne Watts, a.k.a. m3t4lh34d a.k.a. metal, 28, of Hernando, Florida; Murtaza Saifuddin, a.k.a. rzor, 29, of Karachi, Sindh, Pakistan; Daniel Placek, a.k.a. Nocen a.k.a. Loki a.k.a. Juggernaut a.k.a. M1rr0r, 27, of Glendale, Wisconsin; Matjaz Skorjanc, a.k.a. iserdo a.k.a. serdo, 28, of Maribor, Slovenia; Florencio Carro Ruiz, a.k.a. NeTK a.k.a. Netkairo, 36, of Vizcaya, Spain; Mentor Leniqi, a.k.a. Iceman, 34, of Gurisnica, Slovenia; and Rory Stephen Guidry, a.k.a. firstname.lastname@example.org, of Opelousas, Louisiana.
The Register reports that Culbertson, who is accused of designing and selling the Dendroid malware for Android phones, recently worked as a mobile threat researcher at FireEye, where, according to his LinkedIn profile, he "improved Android malware detection by discovering new malicious malware families and using a multitude of different tools, automation techniques and decompiling analysis heuristics."
Tripwire director of IT security and risk strategy Tim Erlin told eSecurity Planet by email that the dismantling of Darkode is the result of a long-running law enforcement operation. "While it certainly doesn’t spell the end of the black market for stolen data and malware, it will make an impact in reducing overall threat for individuals and organizations," he said.
"While individual organizations work diligently to protect themselves from the fruits of operations like Darkode, law enforcement must continue efforts to disrupt the supply chain," Erlin added. "The combination of tools on both sides can effectively raise the cost for the attacker."
A recent eSecurity Planet article examined the challenges of fighting cybercrime.