The U.S. government has teamed up with international partners to help take down the infrastructure of two of the largest cybercrime marketplaces in the world known as Cracked and Nulled.
The operation was announced in conjunction with Operation Talent, a multinational law enforcement operation supported by Europol. The takedown of the two forums involved actions in the United States, Romania, Australia, France, Germany, Spain, Italy, and Greece.
“The two platforms, Cracked and Nulled, had more than 10 million users in total. Both of these underground economy forums offered a quick entry point into the cybercrime scene,” Europol said in a press release. “These sites worked as one-stop shops and were used not only for discussions on cybercrime but also as marketplaces for illegal goods and cybercrime-as-a-service, such as stolen data, malware or hacking tools.”
According to the U.S. Department of Justice (DoJ), at least 17 million Americans were affected. DoJ said Cracked had over four million users, listed over 28 million posts advertising cybercrime tools and stolen information, and generated about $4 million in revenue.
The FBI, working in collaboration with foreign law enforcement partners, identified servers that hosted the Cracked marketplace infrastructure and eight domain names used to operate Cracked. They also were able to identify servers and domain names for Cracked’s payment processor, Sellix, as well as the server and domain name for a related bulletproof hosting service.
“All of these servers and domain names have been seized pursuant to domestic and international legal process,” the Justice Department said.
As for Nulled, the marketplace had over five million users, listed over 43 million posts advertising cybercrime tools and stolen information, and generated approximately $1 million in yearly revenue. Notably, one product advertised on Nulled alleged to contain the names and social security numbers of 500,000 American citizens.
The FBI and its foreign law enforcement partners identified the servers that hosted the Nulled marketplace infrastructure, and the domain used to operate Nulled. The Justice Department also unsealed charges against one of Nulled’s administrators, Lucas Sohn, an Argentinian national residing in Spain.
“According to the complaint, Sohn was an active administrator of Nulled and performed escrow functions on the website. Nulled’s customers would use Sohn’s services to complete transactions involving stolen credentials and other information,” the Justice Department said in a press release.
If convicted, the DoJ said Sohn faces a maximum penalty of five years in prison for conspiracy to traffic in passwords, 10 years in prison for access device fraud, and 15 years in prison for identity fraud.
