Agent J. Keith Mularski spent two years infiltrating the Dark Market forum before members were arrested in September 2008. In an interview with CNET News, he revealed that it was intended to "penetrate the groups and dismantle them like we would with organised crime" and that he was "very successful in getting to the upper echelons of the Dark Market group and we were actually able to run the server and host all the communications that were going on there to make our cases against the criminals".
He revealed that by working with the Spamhaus Project he was able to acquire the false identity of being ‘one of the world's top five spammers' for credibility purposes.
He said: “I didn't necessarily have to do any criminal activity. I could talk the talk. If someone wanted me to mail (send spam) for them I would (get out of it by giving them the excuse) that they were too small of a fish. If they were a big fish I'd just say I didn't have any openings or time to work with them.”
In regard to what sort of activity he saw on Dark Market, Mularski claimed that there was "all sorts of identity theft" with hacking into companies and stealing and selling credit card numbers, as well as selling photo documentation, harvested bank accounts and malware programs.
“The whole gamut of the cyber underground was available there. If you needed it you could get it there on the site”, said Mularski.
He also claimed that the ages of its users were varied from 17 up to people in their 40s, and that there were connections to organised crime.
Mularski said: “One of the guys, ‘ChaO', kidnapped someone. He viewed himself as a traditional organised crime member. He was connected with organised crime groups in Turkey and they resorted to violence when they kidnapped someone who was talking too much about the operations. We're seeing more of that, especially in Romania. Also in Russia.
“The attackers have changed with the emergence of organised crime into these cybercrimes. It's all about the money now and not just about how elite my hacking skills are to get into this website. Profit is driving these groups.”
Finally he claimed that there were instances where he was nearly caught out, when a rival who hacked the server and looked at who was logging in traced the IP address to the National Cyber Forensics Training Alliance.
“I had to go on the offensive and say that it wasn't me and that it was already in the server. Eventually they believed me. There were a lot of wars between rival groups at the time. A lot of people were accusing each other of being "feds" and "cops" and I was able to use that to my advantage to create a smoke screen and create doubt”, said Mularski.
See original article on scmagazineuk.com