Police bust huge hacker black market

Here's how you can profit from hacking
Here's how you can profit from hacking

On Wednesday, police around the world coordinated a major bust, closing down a massive, highly-guarded black market for hackers.

Darkode, the shuttered black market, was a website where hackers would trade their dangerous wares.

Criminals would swap huge batches of stolen data. Identity thieves would purchase databases of Social Security numbers and credit cards. Cyberweapons dealers would sell malware that could break into government and corporate computer networks -- or fry hardware and cause millions of dollars in damage.

Hackers who snuck into millions of computers -- and turned them into a slave network under their control -- would sell temporary access to their powerful computing power of their "botnets." These are regularly used to attack websites, overloading them and knocking them offline.

David J. Hickton, a federal prosecutor in Pennsylvania who helped lead the attack, called Darkode "one of the gravest threats to the integrity of data on computers in the United States and around the world."

The U.S. Justice Department estimate there are nearly 800 criminal Internet forums worldwide. Hickton described Darkode as "the most sophisticated English-speaking forum for criminal computer hackers in the world."

darkode website shut down
This is what the hacker black market Darkode looks like now.

As part of "Operation Shrouded Horizon," FBI agents went undercover, infiltrating Darkode with the help of police in Australia, Brazil, Colombia, Finland, Germany, Nigeria and several other countries. Federal officials called the operation "the largest coordinated international law enforcement effort ever directed at an online cyber-criminal forum."

And now the Justice Department is going after individual hackers too.

On Wednesday, it named 12 people suspected of taking part in the forum -- and most of them live in the United States.

  • The alleged creator of Darkode, a 27-year-old living in Glendale, Wisconsin, operating under several codenames. Cops say it was Daniel Placek -- AKA Nocen, Loki, Juggernaut, and M1rr0r.
  • Morgan C. Culbertson, codenamed Android, is a 20-year-old from Pittsburgh, Pennsylvania. Police say he designed Dendroid, malware that sneaks into Google Android smartphones, steals data and controls the device.
  • Eric L. Crocker, codenamed Phastman. He's 39 and resides in Binghamton, New York. Cops thinks he build a massive spam-spewing botnet by infecting Facebook users.
  • There's a three-person team that allegedly used a botnet in China to bombard people's phones with spam and break into routers in developing nations. Cops say the team included 27-year-old Naveed Ahmed, codenamed Nav and semaph0re, of Tampa, Florida. Another is a 31-year-old from Indianapolis, Indiana, Phillip R. Fleitz, codenamed Strife. The third is Dewayne Watts, codenamed m3t4lh34d and metal, a 28-year-old in Hernando, Florida.
  • Rory Stephen Guidry, codenamed k@exploit.im. He's accused of selling access to a botnet from his home in Opelousas, Louisiana.

What makes this such a huge takedown? It was wickedly difficult to infiltrate this tight knit hacker circle.

The most dangerous and legitimate black market hacker forums have tightly closed doors. It's an exclusive club protected by passwords. A strict vetting process keeps out cops and researchers. You have to provide proof of actual hacks to gain credibility -- and the more credibility you have, the closer you can access the full marketplace.

But the FBI managed to sneak in anyway.

Hackers steal data from federal agencies
Hackers steal data from federal agencies

CNNMoney Sponsors