Most public hacking forums are specifically research-related and discourage criminal activity in ways that include aiding law enforcement investigators. Darkode was different in that it actively hosted discussions and transactions between the darker elements of the hacking world, allowing for the sale of malware and exploits.
Law enforcement worldwide had been focusing heavily on Darkode, with investigations popping up in 20 countries, by the time the domain and server were seized on Wednesday. The site displayed only a message from more than a dozen law enforcement agencies indicating that the site had been seized. Eventually, the FBI managed to social engineer their way into membership on the forum, through which they garnered enough evidence to shut down the site.
So far, twelve charges have been issued as a result of evidence collected through the site. Of these, two forum members have pleaded guilty in US court, although neither is a US citizen. Both pleas are in connection with an advanced piece of banking malware called SpyEye, which was designed to target specific financial institutions and steal account information from them. The other ten face unrelated but similar charges of peddling malware and exploit information on the forum.
The server could potentially represent a trove of cases for investigators. Search warrants and potential charges have been issued for up to 58 more forum participants across the world, including in Australia, Canada, the UK, and Israel. This could be just the tip of the iceberg. US Attorney David Hickton has already charged five alleged forum members in his district of Western Pennsylvania, including the two who’ve already pleaded guilty, Aleksandr Andreevich Panin and Hamza Bendelladj. Both of their pleas were entered long before the takedown of the site, and the FBI has not indicated whether their co-operation was crucial in the further investigation of the site.
Hickton said of the bust:
“Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable.”