Operation Shrouded Horizon (bottom) | |
---|---|
Operation Name | Operation Shrouded Horizon (bottom) |
Roster | |
Planned by | United States Federal Bureau of Investigation and Europol |
Countries Participated | Australia, Bosnia, Herzegovina, Brazil, Canada, Columbia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, United Kingdom and the United States [1] [2] |
# of Countries Participated | 20 |
Mission | |
Target | Darkode website |
Method | undisclosed |
Timeline | |
Date begin | January 2014 |
Date end | July 2015 |
Duration | 18 months |
Results | |
Arrests | 70 |
Indicted | 12 |
Accounting |
Operation Shrouded Horizon was an 18-month international law enforcement investigation culminating in the July 2015 seizure of Darkode, an online cybercrime forum and black market, and the arrest of several of its members. The case involved law enforcement agencies from 20 countries, led by the United States Federal Bureau of Investigation (FBI) with the assistance of Europol, in what the FBI called "the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum". [3] [4] [1]
Law enforcement agents gained access to the invite-only website through undisclosed means and collected information over an extended period, leading to equipment seizures, searches, or arrests of 70 individuals globally, leading to indictments against 12 for crimes including computer fraud, conspiracy to commit computer fraud, conspiracy to commit wire fraud, conspiracy to commit money laundering, conspiracy to send malicious code, spamming, identity theft, racketeering, conspiracy to commit bank fraud, extortion, and conspiracy to commit access device fraud. [3] [5] [1] [6] [7] [8] Among those arrested were administrators for darknet market TheRealDeal, who were also active at Darkode. [9]
Upon announcing the charges, United States Attorney David J. Hickton called the site "a cyber hornet's nest of criminal hackers" which "represented one of the gravest threats to the integrity of data on computers in the United States". [10] [5] [4] [11]
Though led by the FBI and assisted by Europol, reports credit agencies in 20 countries: Australia, Bosnia and Herzegovina, Brazil, Canada, Colombia, Costa Rica, Cyprus, Croatia, Denmark, Finland, Germany, Israel, Latvia, Macedonia, Nigeria, Romania, Serbia, Sweden, United Kingdom, and United States. [1] [2]
Only two weeks after the announcement of the raid, the site reappeared with increased security, employing Bitcoin-based blockchain authentication and operating on the Tor anonymity network. [12] [13] [14] [15]
Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.
Europol, officially the European Union Agency for Law Enforcement Cooperation, is the law enforcement agency of the European Union (EU). Established in 1998, it is based in The Hague, Netherlands, and serves as the central hub for coordinating criminal intelligence and supporting the EU's member states in their efforts to combat various forms of serious and organized crime, as well as terrorism.
Shadowserver Foundation is a nonprofit security organization that gathers and analyzes data on malicious Internet activity, sends daily network reports to subscribers, and works with law enforcement organizations around the world in cybercrime investigations. Established in 2004 as a "volunteer watchdog group," it liaises with national governments, CSIRTs, network providers, academic institutions, financial institutions, Fortune 500 companies, and end users to improve Internet security, enhance product capability, advance research, and dismantle criminal infrastructure. Shadowserver provides its data at no cost to national CSIRTs and network owners.
DarkMarket was an English-speaking internet cybercrime forum. It was created by Renukanth Subramaniam in London, and was shut down in 2008 after FBI agent J. Keith Mularski infiltrated it using the alias Master Splyntr, leading to more than 60 arrests worldwide. Subramaniam, who used the alias JiLsi, admitted conspiracy to defraud and was sentenced to nearly five years in prison in February 2010.
There is no commonly agreed single definition of “cybercrime”. It refers to illegal internet-mediated activities that often take place in global electronic networks. Cybercrime is "international" or "transnational" – there are ‘no cyber-borders between countries'. International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantages of the less severe punishments or difficulties of being traced.
Operation Anti-Security, also referred to as Operation AntiSec or #AntiSec, is a series of hacking attacks performed by members of the hacking group LulzSec and Anonymous, and others inspired by the announcement of the operation. LulzSec performed the earliest attacks of the operation, with the first against the Serious Organised Crime Agency on 20 June 2011. Soon after, the group released information taken from the servers of the Arizona Department of Public Safety; Anonymous would later release information from the same agency two more times. An offshoot of the group calling themselves LulzSecBrazil launched attacks on numerous websites belonging to the Government of Brazil and the energy company Petrobras. LulzSec claimed to retire as a group, but on 18 July they reconvened to hack into the websites of British newspapers The Sun and The Times, posting a fake news story of the death of the publication's owner Rupert Murdoch.
Hector Xavier Monsegur, known also by the online pseudonym Sabu, is an American computer hacker and co-founder of the hacking group LulzSec. Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups while facing a sentence of 124 years in prison. LulzSec intervened in the affairs of organizations such as News Corporation, Stratfor, UK and American law enforcement bodies and Irish political party Fine Gael.
The European Cybercrime Centre is the body of the Police Office (Europol) of the European Union (EU), headquartered in The Hague, that coordinates cross-border law enforcement activities against computer crime and acts as a centre of technical expertise on the matter.
The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.
Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.
TheRealDeal was a darknet website and a part of the cyber-arms industry reported to be selling code and zero-day software exploits.
dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.
Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.
A crime forum is a generic term for an Internet forum specialising in computer crime and Internet fraud activities such as hacking, identity theft, phishing, pharming, malware or spamming.
Operation Bayonet was a multinational law enforcement operation culminating in 2017 targeting the AlphaBay and Hansa darknet markets. Many other darknet markets were also shut down.
Infraud Organization was an international cybercrime organization, operating between October 2010 and February 2018, that was involved in carding, stealing personal credit cards and online banking information. The organization was created by Svyatoslav Bondarenko, a 34-year-old man from Ukraine. In February 2018, authorities in the United States indicted 36 individuals involved with the organization on charges of racketeering, conspiracy, possession of 15 or more access devices, and aiding and abetting. As of February 2018, 13 of the 36 have been arrested. The US Justice Department stated that as of March 2017, the organization had 10,901 registered members and was the "largest cyber fraud enterprise prosecutions ever undertaken by the Department of Justice" and had resulted in $530 million in actual losses, with an estimated $2.2 billion in intended losses.
Michael B. Faulkner, known as by his pseudonym CygonX is an American business executive, author, and convicted cybercriminal. He is the founder of Crydon Capital.
VPNLab was a VPN service that catered to cyber criminals. The service was shut down by following a seizure Europol in January 2022.
BreachForums is an English-language black hat–hacking crime forum. The website acts as an alternative and successor to RaidForums following its shutdown and seizure in 2022. Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services.
Genesis Market was a cybercrime-facilitation website noted for its easy-to-use interface. It enabled users to spoof over two million different victims, providing access to their bank accounts.