As part of an ongoing investigation involving the cooperation of 20 countries, the FBI announced this morning that Darkode, described as "the most sophisticated English-speaking forum for criminal computer hackers in the world," has been shut down and dismantled.
Twelve indictments have been issued by U.S. so far today, but the FBI's release on the arrests claims that the investigation will charge, arrest, or search at least 70 Darkode members worldwide.
“Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable," said U.S. Attorney David Hickton in a release.
The monumental bust and dismantling comes in the midst of reports that over 22 million U.S. residents have likely had their personal information stolen, due to a hack at the Federal Office of Personnel Management. "To be frank, our federal cybersecurity is not where it needs to be," Department of Homeland Security director Jeh Johnson said of the hack, which led to the OPM director issuing her resignation on Monday.
In a 2013 blog post, online security expert Brian Krebs wrote that the Darkode served as "a bazaar for all manner of cybercriminal wares, including exploit kits, spam services, ransomware programs, and stealthy botnets."
Selected indictments that have been made public detail the alleged exploits of the hacker group. Johan Anders Gudmunds of Sweden, one of the main defendants, is charged with conspiracy to commit computer fraud, among other charges. He is described as having controlled a botnet that infected over 60,000 computers in 2009. Those computers had "stolen data from the users of those computers approximately 200,000,000 times, allowing Gudmunds and his customers to gather unique credentials that gave them access to bank accounts and other information," reads the indictment.
After that success, Gudmunds began selling similar software to others on Darkode, including at least one time where he offered the software to an undercover FBI agent.
The creator of the Darkode forum, Daniel Placek (aka Loki/ Nocen/ Juggernaut) has also been issued an indictment for charges of criminal information with conspiracy to commit computer fraud, but it has not yet been made public. However, a document that has been released shows that yesterday the federal government issued a forfeiture notice on him and his properties. He is charged in the Eastern District of Wisconsin, where he currently resides.
In total, the governments that were involved with the investigation were: Australia, Bosnia and Herzegovina, Brazil, Canada, Colombia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, the United Kingdom and the United States.
“Hackers and those who profit from stolen information use underground Internet forums to evade law enforcement and target innocent people around the world,” said Assistant Attorney General Leslie R. Caldwell. “This operation is a great example of what international law enforcement can accomplish when we work closely together to neutralize a global cybercrime marketplace.”
Daniel Rivero is a producer/reporter for Fusion who focuses on police and justice issues. He also skateboards, does a bunch of arts related things on his off time, and likes Cuban coffee.