Police seize Cracked and Nulled hacking forum servers, arrest suspects

Europol and German law enforcement confirmed the arrest of two suspects and the seizure of 17 servers in Operation Talent, which took down Cracked and Nulled, two of the largest hacking forums with over 10 million users.

Even though some of their members are also engaged in ethical hacking discussions, these hacking forums are best known for focusing on cybercrime, password theft, cracking, and credential-stuffing attacks and were widely regarded as a hub for cybercriminal activity.

They also hosted hacking tools, such as AI-based tools and scripts that help scan for security vulnerabilities and optimize attacks, “configs” used by credential-stuffing attack tools (e.g., OpenBullet and SilverBullet), and other illicit activities, including content related to software cracks and a “combo lists” marketplace with stolen credentials or databases.

The U.S. Justice Department says Cracked claimed over 4 million users and 28 million ads for cybercrime tools, generated approximately $4 million in revenue, and impacted 17 million victims in the U.S., while Nulled had over 5 million users, with 43 million ads for hacking tools, and around $1 million in annual revenue.

“Both of these underground economy forums offered a quick entry point into the cybercrime scene. These sites worked as one-stop shops and were used not only for discussions on cybercrime but also as marketplaces for illegal goods and cybercrime-as-a-service, such as stolen data, malware or hacking tools,” Europol said.

“Throughout the course of the action day, 12 domains within the platforms Cracked and Nulled were seized. Other associated services were also taken down; including a financial processor named Sellix which was used by Cracked, and a hosting service called StarkRDP, which was promoted on both of the platforms and run by the same suspects.”

Authorities also searched seven properties between January 28 and January 30 and seized over 50 electronic devices and around €300,000 in cash and cryptocurrency.

“The seized data, such as e-mail addresses, IP addresses and communication channels of the approximately 10 million registered user accounts, will be the basis for further international investigations against criminal sellers and users of the platforms,” added Bundeskriminalamt, Germany’s central criminal investigation agency.

Spanish National Police arrested the two suspects linked to the Cracked and Nulled seizures in Valencia. According to the U.S. DOJ, Spain also unsealed charges against 28-year-old Lucas Sohn, one of Nulled’s administrators who performed escrow functions on the website. However, there is no information about whether he was one of the two arrested suspects.

If convicted, Sohn faces a maximum penalty of 5 years in prison for conspiracy to traffic in passwords, 10 years for access device fraud, and 15 years for identity fraud.

As BleepingComputer first reported on Wednesday, seizure banners were added to the cracked[.]io, cracked[.]to, nulled[.]to, starkrdp[.]io, mysellix[.]io, and sellix[.]io domains, confirming that they’d been seized in a joint law enforcement action dubbed “Operation Talent” that included law enforcement authorities from the United States, Italy, Spain, Europe, France, Greece, Australia, and Romania.

“This website, as well as the information on the customers and victims of the website, has been seized by international law enforcement partners,” the banners read.

Operation Talent seizure banner (BleepingComputer)

The FBI seized the forums’ domains and changed their name servers from their previous Cloudflare name servers to ns1.fbi.seized.gov and ns2.fbi.seized.gov.

The U.S. law enforcement agency also seized domains used by:

  • StarkRDP (starkrdp.io), a Windows RDP virtual hosting provider promoted on both hacking forums and run by the same suspects, and
  • SellIX (sellix.io and mysellix.io), a financial processor that was also used by Cracked members.

Cracked’s staff also released a statement on Telegram confirming that police had seized the hacking forum’s cracked.io domain.

“Now that everyone has more clarity on the situation, Cracked.io has been seized under operation talent with specific reasons being undisclosed,” they said.

“We are still waiting for the official court documentation from the data centre and the domain host. We will inform you guys further on those details once we have it. A sad day indeed for our community.”

However, German law enforcement says SellIX and StarkRDP were shut down as they were “directly part of the platforms’ economic network.”

Updated January 30, 12:56 EST: Added charges and revenue information shared by the U.S. Justice Department.
