This week, law enforcement and judicial authorities worldwide have taken down the most prolific English-speaking cybercriminal forum to date: Darkode. In an international coordinated action against the hacking forum and its users, investigators from all over the world targeted cybercriminals that were using the Darkode forum to trade and barter their hacking expertise, malware and botnets, and to find partners for their next spam runs or malware attacks.
The operation was led by the FBI and supported by Europol’s European Cybercrime Centre (EC3), with the involvement of law enforcement officers from 20 countries* in and outside the European Union. The takedown and arrests were coordinated from command posts set up by the FBI (Pittsburgh, USA) and Europol’s EC3 (The Hague, the Netherlands). From the command post in EC3, representatives of the Republic of Srpska (Bosnia and Herzegovina), Cyprus, Denmark, Finland, Germany, Latvia, former Yugoslav Republic of Macedonia, Romania, Serbia, Sweden, United Kingdom and the FBI coordinated the technical take down of the forum, alongside further law enforcement actions, which resulted in 28 arrests, 37 house searches, and numerous seizures of computers and other equipment.
The curtain fell on the cybercriminal forum when the site was taken down and a banner was put up online indicating that the FBI, EC3 and international partners had control over the site. This signified the end of Darkode, the most popular English-speaking hacking forum ranking in the top five of the most prolific criminal forums worldwide, a ranking otherwise dominated by Russian-speaking criminal platforms. The more than 250-300 active users of Darkode formed a closed community. Membership was by invitation only, and after being vetted by a trusted member of the forum. Although there were several scandals, changes and rumours of the forum being compromised during the course of its existence, the Darkode forum was the place to go to if you were an English-speaking cybercriminal. The popular cybercriminal hub facilitated the trade in goods and services including malware (malicious software), Zero Day Exploits (cyber-attacks exploiting software flaws) and access to compromised servers.
Europol’s Director Rob Wainwright says: “Today’s global action caused significant disruption to the underground economy, and is a stark reminder that private forums are no sanctuary for criminals and are not beyond the reach of law enforcement. We will continue to work with our law enforcement partners to make cyberspace as crime-free as possible for the world’s citizens.”
The takedown of the Darkode forum also marks the end for its criminal community of users and severely disrupts their malicious activity, ranging from hacking and stealing credit card and bank credentials, to botnets for rent and so-called DDoS attacks.
*Australia, Brazil, Canada, Croatia, Colombia, Cyprus, Denmark, Finland, former Yugoslav Republic of Macedonia, Germany, Israel, Latvia, Nigeria, Republic of Srpska (Bosnia and Herzegovina), Romania, Serbia, Sweden, United Kingdom, USA
For further information, please contact:
Lisanne Kosters, Europol Corporate Communications, +31 70 302 5001