DarkMarket

Last updated
DarkMarket
Type of site
Cybercrime forum
Available inEnglish
Created byRenukanth Subramaniam
Current statusShut down

DarkMarket was an English-speaking internet cybercrime forum created by Renukanth Subramaniam in London that was shut down in 2008 after FBI agent J. Keith Mularski infiltrated it using the alias Master Splyntr, leading to more than 60 arrests worldwide. [1] Subramaniam, who used the alias JiLsi, admitted conspiracy to defraud and was sentenced to nearly five years in prison in February 2010. [2]

DarkMarket also refers to a new darknet market founded in 2019 under the same name. [3] However, German prosecutors in the cities of Koblenz and Oldenburg said 12 January 2021 that they had shut down what was "probably the largest illegal marketplace on the Darknet" called DarkMarket and physically arrested the man believed to operate it near Germany's border with Denmark. [4] [5]

The website allowed buyers and sellers of stolen identities and credit card data to meet and conduct criminal enterprise in an entrepreneurial, peer-reviewed environment. [6] It had 2,500 users at its peak. [7]

According to supervisory special agent Mularski of the FBI's Cyber Initiative & Resource Fusion Unit, their undercover operation was "very successful in getting to the upper echelons of the Dark Market group and we were actually able to run the server and host all the communications that were going on there to make our cases." [8] He obtained full access to everyone using the site and what they were doing by securing the server after gaining Subramaniam's confidence.

In Congressional testimony on November 17, 2009, FBI Deputy Assistant Director, Cyber Division Steven R. Chabinsky described the FBI operation: [9]

The FBI's infiltration and dismantlement of Darkmarket, an online virtual transnational criminal organization. Working with our international partners in the United Kingdom, Germany, and Turkey, the FBI conducted a two-year undercover operation to penetrate the organization and bring it to its knees. At its peak, the Darkmarket forum had over 2,500 members—spanning countries throughout the world—who were involved in buying and selling stolen financial information, including credit card data, login credentials (user names, passwords), and equipment used to carry out certain financial crimes. Using undercover techniques, the FBI penetrated the highest levels of this group and identified and located its leading members. Multi-agency and multi-national coordination with our law enforcement partners led to over 60 arrests worldwide, as well as the prevention of $70 million in economic loss that otherwise would have occurred from compromised victim accounts.

In a speech to the GovSec/FOSE Conference on March 23, 2010, Chabinsky related explained [10]

Not long ago, there was an online carding forum named Darkmarket. It had members worldwide who were involved in buying and selling stolen financial information, such as credit card data, login credentials, and equipment to carry out financial crimes. Darkmarket doesn't exist anymore. Why? Because the FBI infiltrated it and brought it down. Through a two-year undercover operation led by an individual known to most users only as "Master Splyntr," we penetrated the highest levels of this group and identified and located its leading members, which led to over 60 arrests worldwide and the prevention of tens if not hundreds of millions of dollars in economic loss. To the shock of criminals worldwide, Master Splyntr—who was on the site nearly everyday, participating anywhere from one hour to 15 hours a day—was a very dedicated and talented FBI special agent, of which we are proud and fortunate to have many. Still, it's a lot of work to take down a single forum, but it shows we can succeed if we have the right people in place and the resources to apply.

In other words, having hired and trained special agents who can talk the talk, and given the resources to spend enough hours online for an extended period of time, we have found that almost any cyber criminal enterprise will begin to trust us, despite having never met us face-to-face. We also learned that the communication methods used by these criminals are, to them, a social outlet as well. Just as often as they are speaking about malware, crimes, and goods for sale, they are talking about their families, their girlfriends, their vacations, and their cars. After a time, members of these forums become friends. That is where the intrinsic trust stems from. When somebody first enters as a new member, they’re considered a potential cop; a month later, they’re less of a cop; six months later, they’re a friend; a year later, they are trusted implicitly—to the extent that when an outsider anonymously told a Darkmarket participant that Master Splyntr was actually the FBI (which, as you now know, was true) all Master Splyntr had to do was deny the accusation and he was believed because he was an insider, whereas the informer was an outsider.

The Darkmarket case also provides us with insight into cyber crime tradecraft. Cyber criminals deploy countermeasures that can cost them a lot of time and effort, in hopes of evading our lawful investigative techniques. Consider the fact that cyber criminals routinely change their nicknames, e-mails, digital currency accounts, and the ICQ numbers they use in forums. Not only do they change these accounts and identifying numbers, but they also use different combinations of the information in each forum they participate in.

Another DarkMarket member, Thomas James Frederick Smith, pleaded guilty on June 10, 2010, to conspiracy to intentionally cause damage to a protected computer and to commit computer fraud. [11]

Related Research Articles

<span class="mw-page-title-main">Identity theft</span> Deliberate use of someone elses identity, usually as a method to gain a financial advantage

Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.

<span class="mw-page-title-main">Cybercrime</span> Type of crime based in computer networks

Cybercrime is a type of crime involving a computer or a computer network. The computer may have been used in committing the crime, or it may be the target. Cybercrime may harm someone's security or finances.

The Australian High Tech Crime Centre (AHTCC) are hosted by the Australian Federal Police (AFP) at their headquarters in Canberra. Under the auspices of the AFP, the AHTCC is party to the formal Joint Operating Arrangement established between the AFP, the Australian Security Intelligence Organisation and the Computer Network Vulnerability Team of the Australian Signals Directorate.

<span class="mw-page-title-main">ShadowCrew</span> Cybercrime forum (2002–2004)

ShadowCrew was a cybercrime forum that operated under the domain name ShadowCrew.com between August 2002 and November 2004.

Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post and covered tech policy, privacy and computer security as well as authoring the Security Fix blog.

<span class="mw-page-title-main">IRS Criminal Investigation</span> Criminal Investigation division of the IRS

Internal Revenue Service, Criminal Investigation (IRS-CI) is the United States federal law enforcement agency responsible for investigating potential criminal violations of the U.S. Internal Revenue Code and related financial crimes, such as money laundering, currency violations, tax-related identity theft fraud and terrorist financing that adversely affect tax administration. While other federal agencies also have investigative jurisdiction for money laundering and some Bank Secrecy Act violations, IRS-CI is the only federal agency that can investigate potential criminal violations of the Internal Revenue Code, in a manner intended to foster confidence in the tax system and deter violations of tax law. Criminal Investigation is a division of the Internal Revenue Service, which in turn is a bureau within the United States Department of the Treasury.

Max Ray Vision is a former computer security consultant and hacker who served a 13-year prison sentence, the longest sentence ever given at the time for hacking charges in the United States. He was convicted of two counts of wire fraud, including stealing nearly 2 million credit card numbers and running up about $86 million in fraudulent charges.

<span class="mw-page-title-main">FBI Cyber Division</span> US Federal Bureau of Investigation division

The Cyber Division (CyD) is a Federal Bureau of Investigation division which heads the national effort to investigate and prosecute internet crimes, including "cyber based terrorism, espionage, computer intrusions, and major cyber fraud." This division of the FBI uses the information it gathers during investigation to inform the public of current trends in cyber crime. It focuses around three main priorities: computer intrusion, identity theft, and cyber fraud. It was created in 2002.

<span class="mw-page-title-main">European Cybercrime Centre</span>

The European Cybercrime Centre is the body of the Police Office (Europol) of the European Union (EU), headquartered in The Hague, that coordinates cross-border law enforcement activities against computer crime and acts as a centre of technical expertise on the matter.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

<span class="mw-page-title-main">Roman Seleznev</span> Russian computer hacker

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.

<span class="mw-page-title-main">Evolution (marketplace)</span> Former darknet market

Evolution was a darknet market operating on the Tor network. The site was founded by an individual known as 'Verto' who also founded the now defunct Tor Carding Forum. Evolution was active between 14th January 2014 and mid March 2015.

TheRealDeal was a darknet website and a part of the cyber-arms industry reported to be selling code and zero-day software exploits.

A darknet market is a commercial website on the dark web that operates via darknets such as Tor and I2P. They function primarily as black markets, selling or brokering transactions involving drugs, cyber-arms, weapons, counterfeit currency, stolen credit card details, forged documents, unlicensed pharmaceuticals, steroids, and other illicit goods as well as the sale of legal products. In December 2014, a study by Gareth Owen from the University of Portsmouth suggested the second most popular sites on Tor were darknet markets.

<span class="mw-page-title-main">Dark0de</span>

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

<span class="mw-page-title-main">Operation Shrouded Horizon</span>

Operation Shrouded Horizon was an 18-month international law enforcement investigation culminating in the July 2015 seizure of Darkode, an online cybercrime forum and black market, and the arrest of several of its members. The case involved law enforcement agencies from 20 countries, led by the United States Federal Bureau of Investigation (FBI) with the assistance of Europol, in what the FBI called "the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum".

<span class="mw-page-title-main">Carding (fraud)</span> Crime involving the trafficking of credit card data

Carding is a term describing the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

A crime forum is a generic term for an Internet forum specialising in computer crime and Internet fraud activities such as hacking, identity theft, phishing, pharming, malware or spamming.

<span class="mw-page-title-main">Dream Market</span> Online black market

Dream Market was an online darknet market founded in late 2013. Dream Market operated on a hidden service of the Tor network, allowing online users to browse anonymously and securely while avoiding potential monitoring of traffic. The marketplace sold a variety of content, including drugs, stolen data, and counterfeit consumer goods, all using cryptocurrency. Dream provided an escrow service, with disputes handled by staff. The market also had accompanying forums, hosted on a different URL, where buyers, vendors, and other members of the community could interact. It is one of the longest running darknet markets.

Infraud Organization was an international cybercrime organization, operating between October 2010 and February 2018, that was involved in carding, stealing personal credit cards and online banking information. The organization was created by Svyatoslav Bondarenko, a 34-year-old man from Ukraine. In February 2018, authorities in the United States indicted 36 individuals involved with the organization on charges of racketeering, conspiracy, possession of 15 or more access devices, and aiding and abetting. As of February 2018, 13 of the 36 have been arrested. The US Justice Department stated that as of March 2017, the organization had 10,901 registered members and was the "largest cyber fraud enterprise prosecutions ever undertaken by the Department of Justice" and had resulted in $530 million in actual losses, with an estimated $2.2 billion in intended losses.

References

  1. Davies, Caroline (14 January 2010). "Welcome to DarkMarket – global one-stop shop for cybercrime and banking fraud". The Guardian .
  2. "Organiser of Darkmarket fraud website jailed". BBC News . 26 February 2010.
  3. "DarkMarket 2020 information". December 2020.
  4. Market, Dark (2021-01-12). "Official Guide to Using DarkMarket (Dark Market)". Medium. Retrieved 2021-01-13.
  5. Welle (www.dw.com), Deutsche. "'Largest illegal darknet marketplace' DarkMarket taken offline | DW | 12.01.2021". DW.COM. Retrieved 2021-01-13.
  6. Leyden, John (14 October 2008). "DarkMarket carder forum revealed as FBI sting". The Register .
  7. FBI Coordinates Global Effort to Nab ‘Dark Market’ Cyber Criminals
  8. Mills, Elinor (May 7, 2009). "Q&A: FBI agent looks back on time posing as a cybercriminal". CNET News. Archived from the original on June 17, 2011. Retrieved September 11, 2010.
  9. Statement Before the Senate Judiciary Committee, Subcommittee on Terrorism and Homeland Security Archived 2010-04-12 at the Wayback Machine
  10. Remarks as prepared for delivery Archived 2016-12-27 at the Wayback Machine
  11. Another Pleads Guilty in Botnet Hacking

Further reading