Two weeks ago, the US Government made an important breakthrough in the ongoing war against cyber crime when intelligence agencies managed to shut down Darkode. This forum, which acts as a marketplace for malware, spyware, and hacking tools, has been a thorn in the eye of government officials for quite some time. But despite best efforts, Darkode has returned to the scene, and allegedly tightened their security.
The Demise of Darkode and Arrests Around the World — or Not?
On July 15 2015, Darkode was officially taken offline, thanks to the combined efforts of various intelligence agencies around the world. An online marketplace where illegal malware could be bought and sold without consequences could not go by unnoticed for long. After all, there is no place in this world for such illegal activities, even though Darkode had over 250 active members at the time of its demise.
After an intensive 18-month operation, which involved infiltrating the Darkode forum as a member interested in purchasing illegal malware, intelligence agencies managed to put a name and location to the people responsible for running the marketplace. In total, 28 people were arrested in the US and Europe, which should have put the entire operation to bed once and for all.
Assistant Attorney General Leslie Caldwell stated:
“This is a milestone in our efforts to shut down criminals’ ability to buy, sell, and trade malware, botnets and personally identifiable information used to steal from US citizens and individuals around the world… This operation is a great example of what international law enforcement can accomplish when we work closely together to neutralise a global cybercrime marketplace.”
The Fun Lasted For 14 Days
Just two weeks after the fact, Darkode has risen from the ashes and is once open for business. Moreover, the main post on the website claims that the people who ran Darkode previously are all accounted for and not behind bars. Additionally, most of the senior members of the previous Darkode forum are all enjoying their freedom to this very day.
MalwareTech, a Darkode forum member living in the UK, explained it as follows:
“Originally the main admin known as ‘Sp3cial1st’ had posted a statement on pastebin declaring that he wanted to wait and see who all of the 70 users arrested were before bringing the forums back online. Sp3cial1st launched darkcode.cc as a holding page a few hours after that statement, though. The new format, with all members having their own onion address would allow the Darkode admins greater control over who gets access, preventing people from accessing a hacked account without the owner’s onion url. It would also allow them to better monitor who views what by creating an individual log file for each onion, meaning they could quickly weed out leakers.”
Tightening Security and Accepting Bitcoin
Darkcode.cc is learning from the mistakes that were made while operating the original marketplace. As a result, several security changes have been made, including using Tor-only access to visit the site. On top of that, Darkcode.cc will now be an invite-only platform, meaning that not just anyone can register an account on the site.
In fact, Darkcode.cc will only allow previous members back once they go through a verification processed based on the Blockchain API. But that is not the only Bitcoin reference, as Darkcode.cc operators referenced to storing a hash of users’ Bitcoin Wallet addresses as only link to their registration. Allowing authentication through a Bitcoin wallet address should prevent scammers from accessing the new forums, as they would need to know the private key tied to someone’s Bitcoin wallet address.
It will be interesting to see how the new DarkCode.cc marketplace will be tackled by government officials and intelligence agencies. The tactics used to shut down Darkode previously were clearly insufficient, and may have only bolstered the ring leaders in their quest to reign havoc on Internet-connected devices we have all grown accustomed to using.
What are your thoughts on the rebirth of Darkode? Let us know in the comments below!
Source: Wired UK
Images courtesy of Wired UK and ShutterstockShow comments