Law enforcement from Germany, Australia, Spain, Greece, Romania, Italy, France and the USA have seized and shut down Cracked and Nulled, the two largest cybercrime forums in the world.
The takedown notice (Source: German Federal Criminal Police Office)
“The websites “nulled.to” and “cracked.io” have been the two largest trading platforms of the underground economy on the Internet since 2015 and 2018 respectively, with around five million registered user accounts [each],” the German Federal Criminal Police Office said.
“Both websites were organized as a forum on which criminal offers in the categories DDoS (Distributed-Denial-of-Service), Malware, Cracking & Hacking Tools or Leaks could be placed and retrieved.”
Forum users sold and bought software used for hacking and stealing data, AI-based tools and scripts for detecting security vulnerabilities or optimize attacks, and shared phishing techniques and tools.
“Operation Talent” results
“The platforms were connected by the same administrators, which was evident in a similar technical and structural structure,” the German authorities noted.
The investigation revealed eight people that are believed to have been directly involved in the operation of the criminal trading platforms, including two German citizens, one living in Segeberg (Germany) and the other one in Valencia (Spain).
“The two German defendants are suspected of commercial operation of criminal trading platforms on the Internet in accordance with §127 of the Criminal Code, which provides for a prison sentence of six months to ten years in the event of a conviction. The other defendants, a woman aged 27 and men aged 21 to 29, will have to answer in proceedings of the American, Spanish, Greek and Italian law enforcement authorities under local law. A total of two people, including a German citizen, were arrested,” the Federal Criminal Police Office shared.
Europol says that 12 domains within the platforms Cracked and Nulled were seized.
“Other associated services were also taken down; including a financial processor named Sellix which was used by Cracked, and a hosting service called StarkRDP, which was promoted on both of the platforms and run by the same suspects,” the EU agency for law enforcement cooperation stated.
The authorities have seized the IT infrastructures of the two forums, and now have in their posession the e-mail addresses, IP addresses and communication histories of all the registered user accounts, which will help to mount further international investigations against criminal sellers and users of the platforms.