
FireEye intern nailed in Darkode downfall was VXer, say the Feds

'Helped improve detection capabilities' while allegedly selling badass trojan toolkit

Looks like you're nicked

The malware also included the ability to:

  • Intercept and block SMS received by the target device
  • Download pictures from the target device
  • Spy on the user by taking pictures or making audio and video recordings
  • Download the user’s web browser history and any saved bookmarks
  • Download any other accounts (email, social media, VPN) stored on the device
  • Send texts as the device owner
  • Record any ongoing calls
  • Open a dialogue box to ask for passwords or send messages to the victim

The Darkode sting has been chalked up as the slaying of one of the gravest threats to user security.

“Of the roughly 800 criminal internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world,” Pennsylvania attorney David J. Hickton said in an official statement.

FBI deputy director Mark F. Giuliano added that it is a milestone in the bid to sever the ability for crimeware to be bought and sold.

The second alleged Darkode administrator, Johan Anders Gudmunds, 27, of Sweden, is also accused of creating the Crimepack exploit kit. He is said to have sold access to botnets comprising 50,000 machines and to have stolen data on more than 200 million different occasions.

Authorities also charged Matjaž Škorjanc, 28, of Slovenia, with racketeering offences along with conspiracy to commit wire fraud, computer fraud and extortion, amongst other charges. Škorjanc was the author and seller of one of history's biggest botnets, known as Mariposa. He was jailed for almost five years in 2014.

Various other bot and malware writers, spammers, and credit card thieves were nicked.

Security crime reporter Brian Krebs, who has made a name for himself by playing identities on the likes of Darkode, has dumped a series of screenshots he took inside the forum and detailed further exploits of its participants. ®
