Australian police draw flack over cyber crime fiasco

An attempted major cyber crime bust appears to have backfired on Australian federal police.

Security experts have levelled sharp criticism at the authorities over the mishandling of the bust and subsequent failed efforts to secure the target site.

Authorities had infiltrated the r00t-y0u forum, a popular message board for hackers dealing in stolen credit card data. Australian police had tracked down and arrested the administrator of the site, gaining access to the forum controls.

US law enforcement used a similar tactic to shut down the Dark Market forum, gaining administrator clearance to the site then shutting the forum down after those connected to the criminal activity were apprehended.

However, it appears that the bust of r00t-y0u did not go nearly as well. Rather than silently operating and collecting further data, authorities posted a message to the front page of the board warning that all activity had been logged and was now in the hands of authorities.

The move all but ended the chances of further arrests and drew criticism from security experts. Christopher Boyd, director of malware research at FaceTime, said in a blog post that the decision was "so utterly stupid it defies description".

Boyd suggested that, in posting the message, authorities had allowed many of the criminals ample time to destroy evidence, and that the only individuals deterred from committing further activity would be a few novice hackers or 'script kiddies' that had stumbled onto the site.

"Take a forum down, sure, but don't tell the world you just did it without covering your tracks and don't assume they don't have a ring of fallback forums to go to while the main site is down," wrote Boyd.

"Doing something like this means other researchers and law enforcement don't catch their targets at points B, C and D because they already know they're being watched and have wiped all the evidence."

Boyd is not alone in his criticism of the bust. Shortly after the police message was posted, a hacker using the alias KillaWho reportedly gained access to the now police-controlled r00t-y0u site and posted a message taunting authorities.

"Everybody knows not to 'engage' in criminal activity, but we still do it, don't we?" the hacker wrote. "Your little post isn't going to stop anybody from doing anything."

Following the second defacement, the site was taken down. It is not believed that any other police systems were compromised in the attack.