Dark0de

From Wikipedia, the free encyclopedia
The message displayed on the homepage of Darkode upon its domain being seized during Operation Shrouded Horizon.

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date".[1][2] The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.[2][3][4]

History

In early 2013, the site came under a large DDoS attack, moving from bulletproof hosting provider Santrex to off-shore, the latter being a participant in the Stophaus campaign against Spamhaus.[5] The site has had an ongoing feud with security researcher Brian Krebs.[6]

In April 2014, various site users were attacked via the Heartbleed exploit, which gave the attackers access to private areas of the site.[7]

Takedown

The forum was the target of Operation Shrouded Horizon, an international law enforcement effort led by the Federal Bureau of Investigation which culminated in the site's seizure and arrests of several of its members in July 2015.[8][9] According to the FBI, the case is "believed to be the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum".[10] Upon announcing the 12 charges issued by the United States, Attorney David Hickton called the site "a cyber hornet's nest of criminal hackers", "the most sophisticated English-speaking forum for criminal computer hackers in the world" which "represented one of the gravest threats to the integrity of data on computers in the United States".[11][12]

On Monday, September 21, 2015, Daniel Placek appeared on the podcast Radiolab discussing his role in starting Darkode and his eventual cooperation with the United States government in its efforts to take down the site.[13]

Revivals

Only two weeks after the announcement of the raid, the site reappeared with increased security, employing blockchain-based authentication and operating on the Tor anonymity network.[2][3][4] Researchers from MalwareTech suggested the relaunch was not genuine, and almost immediately after, it was hacked and its database leaked.[14]

On December 13, a version of the site returned on the original domain name.[15]

References

  1. ^ "Cybercriminal Darkode Forum Taken Down Through Global Action". Europol. 15 July 2015.
  2. ^ a b c Clark, Lian (28 July 2015). "Hacker forum Darkode is back and more secure than ever". Wired.
  3. ^ a b Kovacs, Eduard (28 July 2015). "Hacking Forum Darkode Resurfaces". Security Week.
  4. ^ a b Pauli, Darren (28 July 2015). "Cybercrime forum Darkode returns with security, admins intact". The Register.
  5. ^ Krebs, Brian (May 2013). "Conversations with a Bulletproof Hoster". Retrieved 31 July 2015.
  6. ^ MalwareTech (December 2014). "Darkode - Ode to Lizard Squad (The Rise and Fall of a Private Community)". Retrieved 4 August 2015.
  7. ^ Pauli, Darren (30 April 2014). "Dark0de crime forum hacked through Heartbleed". Retrieved 6 August 2015.
  8. ^ Stevenson, Alastair (28 July 2015). "It only took 2 weeks for the world's most dangerous hacking forum to get back online after the FBI shut it down". Business Insider.
  9. ^ Cox, Joseph (29 July 2015). "The Mysterious Disappearance, and Reappearance, of a Dark Web Hacker Market". Retrieved 31 July 2015.
  10. ^ "Cyber Criminal Forum Taken Down". FBI.gov. 15 July 2015.
  11. ^ Trott, Bill (15 July 2015). "U.S. says computer hacking forum Darkode dismantled, 12 charged". Reuters.
  12. ^ Buncombe, August (15 July 2015). "Darkode: FBI shuts down notorious online forum and cracks 'cyber hornet's nest of criminal hackers'". The Independent.
  13. ^ "Darkode". Radiolab. NPR. Retrieved 2 October 2015.
  14. ^ Cox, Joseph (19 January 2017). "Hackers Hack Hacking Forum As Soon As It's Launched". Retrieved 24 January 2017.
  15. ^ Cox, Joseph (19 December 2016). "Malware Exchange Busted by the Feds Relaunches, At Least in Name". Retrieved 19 December 2016.