Specialists from the K Department of the Russian Interior Ministry blocked the operation of four leading darknet sites: the Sky-Fraud forum, Trump’s Dumps, UAS Store and Ferum Shop, the largest market for stolen credit cards. reports Elliptic.
During their operation, the sites earned more than $263 million in Bitcoin, Ethereum and Litecoin.
The majority of that sum – $256 million – went to Ferum Shop, which has been operating since 2011. According to Elliptic, this card shop accounted for almost 17% of the entire market for stolen credit cards.
The resource UAS Store sold compromised Social Security numbers and access to RDP-servers, which allowed cybercriminals to remain anonymous.
The total value of data sold for more than 113 million bank cards on the sites during their operation exceeded $654.9 million.
Ferum Shop, Trump’s Dumps and UAS Store may have been run by a single hacker group, since they shared a server, as suggested by Group-IB experts.
On the Sky-Fraud, Ferum Shop and Trump’s Dumps sites, notices of their blocking by the K Department of the Russian Interior Ministry appeared. The current source code of the closed resources contains a warning “WHO IS NEXT?”.
Group-IB explained that this is not simply the blocking of resources, but a takedown — gaining access to the entire infrastructure of those who ran the sites. This would be possible only if those individuals were detained, the experts added.
On February 7, investigators from the Ministry of Internal Affairs asked the Tverskoy Court of Moscow to arrest six suspects in a criminal case of illegal handling of payment instruments, as reported by TASS.
They were presumably part of a hacker group involved in the theft and sale of stolen credit cards. According to the publication, the defendants “possess specialized knowledge in the field of international payment systems” and were detained in various regions of Russia.
Officially, no link between these two cases has been confirmed yet.
Earlier this year, in mid-January 2022 the FSB announced the arrest of members of the hacker group REvil on the basis of a request from US authorities.
As a result of searches at 25 addresses, law enforcement seized more than 426 million rubles, including in cryptocurrency, $600,000 and €500,000, and 20 premium cars.
On 15 January the Moscow court arrested eight suspects in the group for two months. They were charged with illegal turnover of payment instruments.