FBI agent discusses big cybercrime bust

FBI agent Keith Mularski told a panel on the conference about his two-year undercover experience as a member and later moderator of the cybercrime forum 'Dark Market.'

The forum was shut down last October following the arrest of nearly all its founders and administrators.

Officials estimate that the bust lead to 60 arrests and more than US$70 million (A$99 million) in fraud averted.

Much of that was due to the work of Mularski, who penetrated the highest ranks of the forum's administration under the code name 'Master Splyntr.'

First joining under the disguise of an unknown hacker, Mularski eventually rose to obtain moderator status on the forum and host the actual site on FBI servers before finally shutting it down.

During that time, Mularski witnessed the site become what he described as a "one stop shop" for crimes ranging from credit card theft to ID and passport forgery.

The site traded in not only bank and credit card details, but also hardware and software for creating fake payment cards and phony documents.

"This was basically a supermarket for cybercrime where you could get anything you wanted for fraud," he explained.

Mularski then went on to describe the complex structure of the operation, which functioned much like an organised gang.

Dark Market's structure was headed by a small group of a few founding administrators. Reporting to the administrators were several moderators who oversaw operations on the site. Below the moderators were the reviewers in charge of testing for the authenticity of the data being traded.

The users were then divided into two categories, the reviewed vendors who sold the illegal materials and the users who purchased them.

Aside from the money itself being exchanged, reputation was the currency in Dark Market. Users who defrauded others or sold non-working products could be banned from the site, while those who routinely offered quality data would see their status in the community improve.

Often, said Mularski, vendors would offer payment or free materials to reviewers in order to improve their standings.

Mularski's 'Master Splyntr' persona was able to raise his standing in Dark Market by offering support services. Claiming to have a background in spamming and hosting, Master Splyntr gained favour with administrators when, following attacks from rival forums, Mularski offered to host Dark Market on his own servers, a move which proved critical in the shutdown of Dark Market.

With his status established in the site's hierarchy, Mularski was then able to help the FBI track down many of Dark Market's administrators over the course of 2007 and 2008.

Authorities were able to arrest site founders Markus "Matrix001" Kellerer of Germany and UK resident Renu "JiSLI" Subranuam along with Max "Iceman" Butler of San Francisco.

The fate of Dark Market was sealed in the fall of 2008 when authorities were able to apprehend Cagatay "Cha0" Evyapan, though not before Evyapan was able to kidnap, torture and photograph a fellow believed to be working as an informant.

With most of the site's leadership in custody, Mularski was left at the helm of Dark Market. In October, as the story behind the operation finally began to reach the press, the forum was formally shut down by the FBI.

For experts, the story behind Dark Market and its takedown serve as an illustration of just how dangerous and sophisticated cybercrime is becoming. McAfee vice president of researcher Dmitri Alperovitch explained to conference attendees how the Russian Mafia has entrenched itself within the business and added new dangers.

Dating back to the 1930s and renowned for their brutality and ruthlessness, the Russian mafia groups have been involved in cybercrime since the early days of the internet when criminals traded in pirated 'warez' software.

As the internet matured through the 90s, so did the involvement of the mafia and the danger posed by the groups, he said. Organised crime in Eastern Europe has been tied into everything from spam and phishing runs to the recent cyberattacks on Estonia and Georgia.

With cybercrime more pervasive and lucrative than ever, both Mularski and Alperovitch warn that the reach and power of organised crime and the potential for real-world violence will only increase.