Imagine a clearinghouse for cyber criminals where credit card thieves trade tips for circumventing the latest bank security systems; offer stolen credit card data to the highest bidder; and advertise hardware such as magnetic strip printers and other devices used to make counterfeit cards.
Such entrepreneurial, peer-reviewed environments exist in the dark corners of the Internet, in the form of Web sites with names like Carder Plant, Shadowcrew and Darkmarket. On a computer screen, they look like ordinary message boards, complete with pop-up ads and video clips from would-be vendors.
They operate by referral, with access granted only to those who can be recommended by someone who already is a member. Some even offer verification services so that buyers know the illicit products being offered are of the highest quality.
On Tuesday, Jan. 6 at the International Conference on Cyber Security at Fordham, FBI Special Agent J. Keith Mularksi told the story of how he infiltrated and shut down one of the most notorious boards, Darkmarket. The sting resulted in 59 arrests and the recovery of millions of dollars in compromised credit information and harmful computer programs.
Posing as a spammer with the screen name Master Splyntr, Mularski operated on the board for roughly two years. He took advantage of a hacking war that broke out between the leaders of competing criminal forums. He offered to protect the Darkmarket board, which was losing the hacking battle, by moving the site onto a secure server.
Little did the founder of Darketmarket know that the server was run by the FBI. In exchange, Master Splyntr was given high-level clearance on the site, which he used to head off the sale of credit information and stop the spread of malware aimed at banks.
The subsequent FBI sting netted the leaders of Darkmarket and similar boards, recovered more than 100,000 compromised credit cards, and stopped the spread of six malware packages before they could do harm.