FBI Operated DarkMarket Carder Forum Sting Brings Worldwide Cybercriminals Arrests
For the last two years until its shutdown earlier this month DarkMarket.ws posed as a forum where identity thieves, credit card fraudsters, crackers and other ne’er do wells could hang out and exchange tips as well as trading hacker tools and stolen data. DarkMarket offered a place to flog stolen credit card information and identities, hardware, and credit card magstripe swipes. The English-language site looked like somewhere the bad guys could get pointers on the quality of stolen information, harvested through phishing scams and the like, before buying goods.
In reality, the site was run by Federal agents based in Pittsburgh. Leaked documents have confirmed that carder forum DarkMarket was actually an FBI sting operation. The true identity of the site was revealed by Südwestrundfunk, a German public radio station, Wired reports. The station unearthed documents showing that one of the site’s overlord, Master Splynter, who posed as a spammer, was senior cybercrime agent J Keith Mularski. The DarkMarket sting was instrumental in trapping a German credit card hacker active on its forums.
Leaked documents show that the FBI had run DarkMarket as a sting since November 2006. A memo from FBI to their German counterparts boasts that the “FBI has been successful in penetrating the inner ‘family’ of the carding forum, DarkMarket”. In an email dating from March 2007 FBI agent Mularski bluntly states “Master Splynter is me”. The FBI said the site, at its peak, had more than 2,500 members. The Feds said investigations were continuing thanks to leads from the forum, which was closed earlier this month.
Federal agents used intelligence from the site to develop intelligence reports and mount investigations. It’s unclear how many miscreants were busted as a result of the sting. Further arrests may follow and cybercrooks that frequented the forum are likely to be peering nervously over their shoulders.
Master Splynter announced his intention to close the site from 4 October, supposedly because a Turkish ATM fraudster was drawing “unwelcome attention” to the site. The Turkish hacker (Cha0) was marketing an ATM skimming device – fairly standard activity on the site – but he became famous after allegedly kidnapping and torturing a police informant. Local police arrested a suspect, named as Cagatay Evyapan, last month.
Rumours that DarkMarket was a federal sting were known to more clued-up crackers since the latter part of 2006, after a hacker reported evidence that Master Splynter had logged in from the National Cyber Forensics Training Alliance in Pittsburgh. Some dismissed the warning by Max Ray Butler as mud-slinging and continued to use the forum, even after Butler was arrested last year in a case handled by the FBI’s Pittsburgh office.
According to latest news, Police have arrested five people in the UK in the last few days in connection with a web forum used to trade credit card details and personal information. Some 56 people have been arrested worldwide – 11 in total in the UK – in connection with the DarkMarket forum. The Serious Organised Crime Agency ran the UK part of a worldwide investigation led by the FBI.
More on CyberInsecure:
Posts
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.