beebright -

World’s largest dark web market disrupted in major police operation

Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline

DarkMarket – thought to be the world’s largest illegal dark web marketplace – has been taken offline following an international law enforcement operation involving forces from Australia, Denmark, Germany, Moldova, the UK, Ukraine and the US, supported by Europol, which provided specialist operational analysis and co-ordination between the various agencies.

Before its disruption, DarkMarket boasted nearly half a million users, more than 2,000 active sellers, and had overseen over 320,000 different transactions involving the transfer of 4,650 bitcoin and 12,800 monero, the equivalent of about €140m (£122.6m). It dealt in drugs, counterfeit currency, stolen or fake credit card details, mobile SIM cards and malware.

DarkMarket’s closure followed the arrest of an Australian citizen, supposedly the operator of the service, in the northern German city of Oldenburg over the weekend of 9-10 January 2021.

This enabled officers to locate and close the marketplace, switch off its servers and seize its infrastructure, which was hosted in Moldova and Ukraine across about 20 servers. Europol said the data seized would give law enforcement new leads to further investigate criminal activity on the forum.

Netherlands-based Europol said its dedicated dark web team – which works with law enforcement both inside and outside the European Union (EU) – was delivering a “completed, coordinated approach” to disrupting the underground illegal economy, including information-sharing, support and expertise, new tools, tactics and techniques, and target and threat identification.

“The team also aims to enhance joint technical and investigative actions, and organise training and capacity-building initiatives, together with prevention and awareness-raising campaigns – a 360° strategy against criminality on the dark web,” the organisation said.

“A shared commitment across the law enforcement community worldwide and a coordinated approach by law enforcement agencies have once again proved their effectiveness. The scale of the operation at Europol demonstrates the global commitment to tackling the use of the dark web as a means to commit crime.”

IntSights cyber threat intelligence adviser Paul Prudhomme said the end of DarkMarket removed a key enabler for the cyber criminal underworld.

“Dark web marketplaces such as this now-defunct website serve as key enablers for cyber criminals,” he told Computer Weekly in emailed comments. “They provide these criminals with places to buy and sell malware, malicious infrastructure, and compromised data, accounts and devices. Such exchanges are critical to cyber criminal operations because few criminals rely exclusively on their own resources, and many do not actually use the data that they steal.

Read more about cyber crime

“Most cyber criminals rely to varying degrees on tools and infrastructure that they acquire from other criminals, and many earn their money by selling the results of their attacks to other criminals, rather than using it themselves.”

However, Prudhomme said it is unclear to what extent the shutdown of DarkMarket will really impact cyber criminal operations in the long term.

“New dark web marketplaces eventually emerge to replace those that have closed, and users simply migrate to those new websites and to existing competitors,” he said. “The arrest of one of the website’s operators and the seizure of its infrastructure may nonetheless yield useful investigative leads for law enforcement with which to act against its individual users, which may have a more enduring impact.

“The website’s use of infrastructure in Ukraine and Moldova is not surprising, as many criminals prefer to host infrastructure in those two countries, which they perceive to be relatively safe from law enforcement.”

Read more on Hackers and cybercrime prevention

Data Center
Data Management