Operation Shrouded Horizon


Images (DOJ): map of the 20 countries which provided law enforcement assistance during Operation Shrouded Horizon (top); the message displayed on the homepage of Darkode upon its domain being seized (bottom).
Operation name: Operation Shrouded Horizon

Roster
Planned by: United States Federal Bureau of Investigation and Europol
Countries participated: Australia, Bosnia and Herzegovina, Brazil, Canada, Colombia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, United Kingdom and the United States [1] [2]
Number of countries participated: 20

Mission
Target: Darkode website
Method: undisclosed

Timeline
Date begin: January 2014
Date end: July 2015
Duration: 18 months

Results
Arrests: 70
Indicted: 12


Operation Shrouded Horizon was an 18-month international law enforcement investigation culminating in the July 2015 seizure of Darkode, an online cybercrime forum and black market, and the arrest of several of its members. The case involved law enforcement agencies from 20 countries, led by the United States Federal Bureau of Investigation (FBI) with the assistance of Europol, in what the FBI called "the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum". [3] [4] [1]

Law enforcement agents gained access to the invite-only website through undisclosed means and collected information over an extended period. This led to equipment seizures, searches, or arrests of 70 individuals globally, and to indictments against 12 for crimes including computer fraud, conspiracy to commit computer fraud, conspiracy to commit wire fraud, conspiracy to commit money laundering, conspiracy to send malicious code, spamming, identity theft, racketeering, conspiracy to commit bank fraud, extortion, and conspiracy to commit access device fraud. [3] [5] [1] [6] [7] [8] Among those arrested were administrators for darknet market TheRealDeal, who were also active at Darkode. [9]

Upon announcing the charges, United States Attorney David J. Hickton called the site "a cyber hornet's nest of criminal hackers" which "represented one of the gravest threats to the integrity of data on computers in the United States". [10] [5] [4] [11]


Though the operation was led by the FBI and assisted by Europol, reports credit agencies in 20 countries: Australia, Bosnia and Herzegovina, Brazil, Canada, Colombia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, the United Kingdom, and the United States. [1] [2]

Only two weeks after the announcement of the raid, the site reappeared with increased security, employing Bitcoin-based blockchain authentication and operating on the Tor anonymity network. [12] [13] [14] [15]

Related Research Articles

Cybercrime: Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

Shadowserver Foundation is a nonprofit security organization that gathers and analyzes data on malicious Internet activity, sends daily network reports to subscribers, and works with law enforcement organizations around the world in cybercrime investigations. Established in 2004 as a "volunteer watchdog group," it liaises with national governments, CSIRTs, network providers, academic institutions, financial institutions, Fortune 500 companies, and end users to improve Internet security, enhance product capability, advance research, and dismantle criminal infrastructure. Shadowserver provides its data at no cost to national CSIRTs and network owners.

globalHell was a group of hackers. The group disbanded in 1999 after being prosecuted for computer intrusion. The combined losses were estimated to range between $1.5m and $2.5m. They were one of the first hacking groups to gain notoriety for website defacements and breaches. It has been called a "cybergang" because it had many of the same characteristics as a gang, such as the organizational structure. They carried out some of the same activities as a gang, including trafficking in stolen credit card numbers.

DarkMarket was an English-speaking internet cybercrime forum. It was created by Renukanth Subramaniam in London, and was shut down in 2008 after FBI agent J. Keith Mularski infiltrated it using the alias Master Splyntr, leading to more than 60 arrests worldwide. Subramaniam, who used the alias JiLsi, admitted conspiracy to defraud and was sentenced to nearly five years in prison in February 2010.

There is no commonly agreed single definition of "cybercrime". It refers to illegal internet-mediated activities that often take place in global electronic networks. Cybercrime is "international" or "transnational": there are "no cyber-borders between countries". International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantage of the less severe punishments or the difficulty of being traced.

Operation AntiSec: Series of cyberattacks conducted by Anonymous and LulzSec

Operation Anti-Security, also referred to as Operation AntiSec or #AntiSec, is a series of hacking attacks performed by members of the hacking group LulzSec and Anonymous, and others inspired by the announcement of the operation. LulzSec performed the earliest attacks of the operation, with the first against the Serious Organised Crime Agency on 20 June 2011. Soon after, the group released information taken from the servers of the Arizona Department of Public Safety; Anonymous would later release information from the same agency two more times. An offshoot of the group calling themselves LulzSecBrazil launched attacks on numerous websites belonging to the Government of Brazil and the energy company Petrobras. LulzSec claimed to retire as a group, but on 18 July they reconvened to hack into the websites of British newspapers The Sun and The Times, posting a fake news story of the death of the publication's owner Rupert Murdoch.

Hector Xavier Monsegur, known also by the online pseudonym Sabu, is an American computer hacker and co-founder of the hacking group LulzSec. Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups while facing a sentence of 124 years in prison. LulzSec intervened in the affairs of organizations such as News Corporation, Stratfor, UK and American law enforcement bodies and Irish political party Fine Gael.

European Cybercrime Centre

The European Cybercrime Centre is the body of the Police Office (Europol) of the European Union (EU), headquartered in The Hague, that coordinates cross-border law enforcement activities against computer crime and acts as a centre of technical expertise on the matter.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

Roman Seleznev: Russian computer hacker

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.

TheRealDeal was a darknet website and a part of the cyber-arms industry reported to be selling code and zero-day software exploits.

Dark0de

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

Carding (fraud): Crime involving the trafficking of credit card data

Carding is a term for the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

A crime forum is a generic term for an Internet forum specialising in computer crime and Internet fraud activities such as hacking, identity theft, phishing, pharming, malware or spamming.

David J. Hickton: American politician

David J. Hickton is the director and founder of the University of Pittsburgh Institute for Cyber Law, Policy and Security. Prior to that, he was the 57th U.S. Attorney for the Western District of Pennsylvania. He resigned following the election of President Donald Trump and began his position at Pitt in January 2017. While a U.S. Attorney, Hickton brought several indictments for cybertheft and hacking. Prior to becoming U.S. Attorney, Hickton engaged in the private practice of law, specifically in the areas of transportation, litigation, commercial and white collar crime.

Infraud Organization was an international cybercrime organization, operating between October 2010 and February 2018, that was involved in carding, stealing personal credit cards and online banking information. The organization was created by Svyatoslav Bondarenko, a 34-year-old man from Ukraine. In February 2018, authorities in the United States indicted 36 individuals involved with the organization on charges of racketeering, conspiracy, possession of 15 or more access devices, and aiding and abetting. As of February 2018, 13 of the 36 have been arrested. The US Justice Department stated that as of March 2017, the organization had 10,901 registered members and was the "largest cyber fraud enterprise prosecutions ever undertaken by the Department of Justice" and had resulted in $530 million in actual losses, with an estimated $2.2 billion in intended losses.

Michael B. Faulkner, known by his pseudonym CygonX, is an American business executive, author, and convicted cybercriminal. He is the founder of Crydon Capital.

VPNLab: Criminal VPN service

VPNLab was a VPN service that catered to cyber criminals. The service was shut down following a seizure by Europol in January 2022.

BreachForums: Cybercrime forum

BreachForums is an English-language black hat–hacking crime forum. The website acts as an alternative and successor to RaidForums following its shutdown and seizure in 2022. Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services.

Genesis Market: Criminal website (2017–2023)

Genesis Market was a cybercrime-facilitation website noted for its easy-to-use interface. It enabled users to spoof over two million different victims, providing access to their bank accounts.

References

  1. Stevenson, Alastair (16 July 2015). "All the details about the FBI's Darknode takedown in 6 easy facts". Business Insider.
  2. "Cybercriminal Darkode Forum Taken Down Through Global Action". Europol. 15 July 2015.
  3. "Cyber Criminal Forum Taken Down". FBI.gov. 15 July 2015.
  4. "Major Computer Hacking Forum Dismantled". The United States Department of Justice. 15 July 2015.
  5. Buncombe, August (15 July 2015). "Darkode: FBI shuts down notorious online forum and cracks 'cyber hornet's nest of criminal hackers'". The Independent. Archived from the original on 2022-05-24.
  6. "Darkode: Computer hacking forum dismantled; 12 people charged, US authorities say". Australian Broadcasting Corporation. 16 July 2015.
  7. Pauli, Darren (16 July 2015). "FireEye intern nailed in Darkode downfall was VXer, say the Feds". The Register.
  8. Stevenson, Alastair (16 July 2015). "These are the 3 scariest alleged Darkode hackers arrested during the FBI's 'Operation Shrouded Horizon'". Business Insider.
  9. Cox, Joseph (29 July 2015). "The Mysterious Disappearance, and Reappearance, of a Dark Web Hacker Market". Retrieved 31 July 2015.
  10. Trott, Bill (15 July 2015). "U.S. says computer hacking forum Darkode dismantled, 12 charged". Reuters.
  11. "Darkode cybercriminal hacker marketplace shut down". Canadian Broadcasting Corporation. Associated Press. 15 July 2015.
  12. Pauli, Darren (28 July 2015). "Cybercrime forum Darkode returns with security, admins intact". The Register.
  13. Clark, Lian (28 July 2015). "Hacker forum Darkode is back and more secure than ever". Wired.
  14. Kovacs, Eduard (28 July 2015). "Hacking Forum Darkode Resurfaces". Security Week.
  15. Stevenson, Alastair (28 July 2015). "It only took 2 weeks for the world's most dangerous hacking forum to get back online after the FBI shut it down". Business Insider.