FBI Sends Hacker, Who Helped Them Bust Hacker Market, Behind Bars



Last week, as part of coordinated law enforcement efforts in 20 countries, FBI agents in Pittsburgh led the largest global effort to date to take down Darkode – an online, password-protected forum in which hackers and other cyber-criminals convened to buy, sell, trade and share information, ideas, and tools to facilitate unlawful intrusions on others’ computers and electronic devices. Through Operation Shrouded Horizon, more than 70 people were arrested around the world; David Hickton, the US Attorney for Western Pennsylvania, said that criminal charges were filed against 12 Americans associated with the illegal computer hacking forum.
28-year-old Rory Stephen Guidry, a Louisiana man, was one of the 12 alleged cybercriminals arrested in the raid. He was charged with computer fraud and selling botnets—large collections of computers taken over by malware that give the botnet operator complete control over them—on Darkode, which the investigators said was the largest-known English language malware forum in the world until the FBI got a court order to shut it down.
However, according to a hacker with direct knowledge of the investigation, Guidry was working with the FBI as a paid informant and helped the FBI bust Darkode.
The hacker and Guidry, who served as informants for the US government in earlier investigations, were first approached by the FBI about gaining administrative access to Darkode in 2013. Federal officials said that prospective Darkode members were allegedly vetted through a process in which an existing member invited the prospective member to the forum. The prospective member would then be required to present the skills or products that he or she could bring to the group to infect and control computers and electronic devices.
J. Keith Mularski, the FBI’s supervisory special agent for cyber-crime in the Pittsburgh office, told reporters that Operation Shrouded Horizon started about 18 months ago when investigators in Pittsburgh brought a case against a group of criminals writing malware to infect computers. Agents developed a ‘source’ inside the ring and leveraged that contact to start an undercover operation aimed at Darkode. They were able to become Darkode members by posing as criminals and acquiring illicit goods.
Guidry stole Lizard Squad’s botnet, the one used to bring down Xbox Live and the PlayStation Network on Christmas Day in 2014, and posted it on Darkode. Supplying the stolen botnet code played a key role in gaining the community’s trust. However, the FBI sent him behind bars “for utilizing his botnet to infect malware on systems for malicious activities and to allow infected systems of other hackers to connect to his botnet to obtain updates of malware for malicious activities.”


FBI Created Spyware Able To Monitor Activities Of A Targeted TOR User



Back in July of 2012 the FBI, through its contractor Pradeep Lal, employed Hacking Team to create a piece of malware that could monitor the activities of users of the TOR Browser. Now, after 3 years, the emails documenting this communication and Hacking Team's creation of the malware have been released by a hacker who was able to access them.
The intent of the FBI contractor was to monitor the activities of an individual that the FBI was targeting. Though they could access information such as the websites the target visited using other browsers, they were not able to get information about the websites being accessed through the TOR Browser.
(NOTE: The TOR Browser is a browser for browsing the internet anonymously. It allows users to access websites through a network of nodes, without revealing their IP addresses to the websites they visit.)
The malware created by Hacking Team installed itself on the target’s computer, but initially it was not able to access much information. It was later developed further to act in the background whenever the targeted user ran the TOR Browser: instead of the user's requests being directed through the TOR network, the malware would lead them to access the intended website directly. This allowed the malware to capture the browsing details of the target(s).
Don’t be alarmed: this in no way compromised the functionality of the TOR network itself, since the malware could not access any data from TOR, nor could it monitor other users' activities through TOR. However, incidents like these illustrate the interest of governments in accessing the personal information of private individuals and should be viewed as a threat to their privacy.
