Saturday, May 9, 2009
What Did Darkmarket.ws Look Like? Posted by Mikko @ 10:58 GMT

Keith Mularski
FBI agent Keith Mularski gave an interview yesterday to Elinor Mills. In the interview he talks for the first time about the background of the infamous Darkmarket.ws sting operation.

Special Agent Mularski worked undercover for two years, operating a message forum for online criminals, posing as one of them. The operation ended last fall with 60 arrests around the world.

The most famous arrest to come out of this sting operation was the arrest of �ağatay Evyapan in Turkey. Mr. Evyapan, known online as "cha0" was arrested in a raid by a special unit of the Turkish police.

Here's a video of cha0's arrest from our Security Wrapup:

cha0 aka �ağatay Evyapan

The Darkmarket case has received a lot of media coverage.

But what did the actual site look like when it was still operational?

For the first time, we're now publishing a series of screenshots taken of Darkmarket.ws.

We took these pictures mostly in 2006 and 2007. They detail how this forum was used to conduct all kinds of online crimes.

Login page of Darkmarket.ws

Here's a user who is interested in buying access to 3000-4000 infected machines a week.

"Get more $$$ for your logs" - this user is advertising cashing services for various banks, used to steal money from online bank accounts. Credentials for these accounts have been stolen via keyloggers.

User 'aloaster' has hacked several online shops. Now he's selling administrator access to them.

Distributed-denial-of-service attacks for sale. "This is a great deal on DDOS attacks and cannot be beat by anyone!"

200 "dove" stickers for $1500. "Dove stickers" are VISA credit card holograms.

Another ad for credit card holograms.

Malware for sale, $350.

Updated to add: Darkmarket is back, sort of. See:
http://twitter.com/mikkohypponen/status/1747396042 and

<<< Q&A: Windows 7 File Extension Hiding
l337 Beta Testers Needed >>>