A wave of bittersweet melancholy has descended on the thousands of phishers, hackers and credit card swindlers inhabiting the computer crime supersite DarkMarket.ws. On Tuesday the site's operator, known as Master Splyntr, announced that he was shuttering the forum, which has hummed along for nearly three years as a premier vehicle of criminal commerce.
"[R]ecent events have proven that even in our best efforts to expel and deactivate the accounts of suspected LE [law enforcement], reporters, and security agents, it is obvious that we haven't been entirely successful," Splyntr wrote in a message on the site.
Chief among those recent events is last week's arrest of Cha0, a Turkish hacker -- and alleged kidnapper -- who served as one of DarkMarket's administrators. Cha0 was known for selling high-quality ATM-skimming hardware that crooks could affix to cash machines to grab debit card swipes and PINs. Turkish police arrested Cha0 on Friday, identifying him as one Cagatay Evyapan.
"It is apparent that this forum … is attracting too much attention from a lot of the world services (agents of FBI, SS, and Interpol)," wrote Splyntr. "I guess it was only time before this would happen. It is very unfortunate that we have come to this situation, because ... we have established DM as the premier English speaking forum for conducting business. Such is life. When you are on top, people try to bring you down."
DarkMarket is the only survivor among the handful of crime forums that emerged to fill the hole left by the Secret Service's "Operation Firewall" in October 2004. In that unprecedented law enforcement crackdown, the agency used an informant to target what was then the top crime site, Shadowcrew.com. Twenty-eight fraudsters were arrested in coordinated raids, and Shadowcrew was shuttered.
Like Shadowcrew and earlier sites, DarkMarket lets buyers and sellers of stolen identities and credit card data meet and do business, in an entrepreneurial, peer-reviewed environment. Products for sale run the gamut from specialized hardware, to electronic banking logins collected from phishing attacks, stolen personal data needed to assume a consumer's identity ("full infos") and credit card magstripe swipes ("dumps), which are used to produce counterfeit cards. Vendors are encouraged to submit their goods for review before offering them for sale.