An FBI sting on a hacker forum has more twists than a 'Law & Order' episode

Over the years, the FBI has taken down a number of high-profile black market and hacker-run websites, including the infamous Silk Road, which was hosted on the Dark Web. That site let you buy everything from drugs to a hitman, and did hundreds of billions of dollars in business.

Now the FBI can put another notch in its belt, and it's a big one. Along with law enforcement in 19 other countries, the FBI just shut down the Darkode.me forum and arrested 70 of its users. This is such a big deal because it shouldn't have been possible.

Any hacker-run website presents a challenge to shut down. You have to trace where the servers are located, which is a feat in itself, and work with law enforcement of that country to shut them down.

If you want to arrest criminals using the site, you have to find a way to match their real-world identities to their online user names. It doesn't help that they're using anonymizing services to make tracing their connection to the site nearly impossible.

That's just for a regular hacker-run site with ordinary users. Darkode was a forum exclusively for hackers, who you would assume know all the tricks and how not to get caught.

To stay safe, Darkode was heavily encrypted and invitation-only. Once inside, there was a "tiered access system" that kept new users out of the most sensitive, and usually illegal, discussions, such as creating new viruses, the latest exploits, planning attacks on companies and more.

Users took the precaution of using anonymizing services so their connections couldn't be traced. Many regularly changed their usernames so past conversations couldn't be pinned on them.

Even security expert Brian Krebs only managed to work his way into the lowest tier before he was discovered and kicked out. So, how did the FBI manage to take it down and arrest 70 users, including (allegedly) the site's main administrator?

The FBI isn't really saying. In fact, it takes great pains to keep what it can and can't do a secret so hackers never know what's safe to use. It even spreads rumors to keep up the confusion.

In this case, the FBI probably managed to sneak some of its people in at the lower level. It also probably got a hold of some of the more trusted forum members in the real world and used them as informants.

Because the FBI doesn't reveal what software it can crack, some forum members might have been using security programs that weren't as powerful as they'd hoped.

At this point, we don't even know if law enforcement got the forum servers or whether the information on them is still intact. There are probably a lot of very worried hackers out there waiting for the police to knock on their door.

Of course, many of those high-level hackers probably have dirt on lower-level hackers they're ready to turn over for a lighter sentence. So, this string of arrests could expand quite a bit in the coming weeks.

Source: ExtremeTech