14 DAY TRIAL // Earlier this week a German radio unmasked an FBI undercover operation on a popular underground forum used by cybercriminals to sell stolen banking information and equipment used for credit card fraud. The FBI confirmed the operation in a press release, outlining the results so far and their future plans.
As we previously reported the Südwestrundfunk German radio got hold of some leaked documents from the German national police, according to which the FBI had infiltrated and administered the DarkMarket underground carding forum since 2006. The same documents poined to one of the forum administrators, going by the nickname Master Splynter, as being the FBI Senior Agent J. Keith Mularski from the Cyber Initiative and Resource Fusion Unit at the National Cyber Forensics Training Alliance (NCFTA) in Pittsburgh.
The website, which the FBI claims had as much as 2,500 registered members from around the globe, was eventually shut down earlier this month. There's no clear information as to why the FBI decided to close it down, but Master Splynter posted on the board before it happened that “It is apparent that this forum … is attracting too much attention from a lot of the world services (agents of FBI, SS, and Interpol). I guess it was only time before this would happen. It is very unfortunate that we have come to this situation, because ... we have established DM as the premier English speaking forum for conducting business. Such is life. When you are on top, people try to bring you down."
The FBI does not provide any specific information regarding the identity of its infiltrated agents or how the whole thing played out, but it does confirm the existence of the undercover operation. “A primary objective of this operation was to infiltrate the forum, develop intelligence on its leading members, and in coordination with our U.S. and international law enforcement partners, systematically identify, locate, and arrest them over a sustained period,” is specified in the FBI press release.
As a result of the intel gathered from the forum, a total number of 56 arrests were made across the globe during the last two-years. The FBI also estimates that, due to the operation, a total of $70 million have been saved from being stolen, by quickly closing the compromised banking accounts that were being disclosed or sold on the forum.
The Register reports that five people were arrested this week in the U.K. in connection with the DarkMarket operation. This is confirmed by the FBI Cyber Division Assistant Director Shawn Henry. “The arrests this week in the U.K. are a good demonstration of the coordination taking place today between the FBI, the Serious Organised Crime Agency (SOCA), and other law enforcement agencies around the globe,” commented Mr. Henry.
In addition, the information gathered in this operation is likely to prompt other arrests worldwide. “Separate from these successes, this operation created new leads and more investigative information to pursue. These efforts are being followed up by the FBI and international law enforcement partners,” informs the press release.
It is notable that rumors about the FBI running the DarkMarket forum existed almost since the operation began. In 2006, soon after Master Splynter joined the DarkMaster administration board, a hacker by the name of Max Ray Butler got unauthorized access to the server's database and disclosed the IP the new admin used to log in. The IP was registered to the NCFTA in Pittsburgh, but the hacker's findings were pretty much dismissed by the forum members at that time. The FBI eventually arrested Butler in 2007 on credit card fraud charges.