Update January 29, 14:15 EST:
- United States,
- Italy,
- Spain,
- Europe,
- France,
- Greece,
- Australia, and
- Romania.
"This website, as well as the information on the customers and victims of the website, has been seized by international law enforcement partners," the banners read.
Cracked.io's staff has released a new statement on Telegram confirming that law enforcement has seized the cracked.io domain.
"Now that everyone has more clarity on the situation, Cracked.io has been seized under operation talent with specific reasons being undisclosed," they said.
"We are still waiting for the official court documentation from the data centre and the domain host. We will inform you guys further on those details once we have it. A sad day indeed for our community."
See our original story below.
The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks.
While some of their members also engaged in ethical hacking discussions, the sites were widely regarded as a hub for cybercriminal activity.
They also hosted content related to software cracks, hacking tools like "configs" used by credential stuffing attack tools (e.g., OpenBullet and SilverBullet), and other illicit activities, including a "combo lists" marketplace with stolen credentials or databases.
When trying to open the sites, web browsers display "Error 1000. DNS points to prohibited IP" and Error 1016. Origin DNS error" messages.
Today, the FBI seized the forums' domains and changed their name servers to ns1.fbi.seized.gov and ns2.fbi.seized.gov from their previous Cloudflare name servers.
Cracked.io's staff published an announcement on their Telegram channel earlier today, blaming a data center issue for the ongoing access problems.
"There is an active issue in our data centre which the staff is working on. Hence services remain offline till the issue is resolved. We will get detailed report later," they said.
"We can only hope it is resolved without further issue. No estimated time at this moment. The current status from data centre is that it may take up to 1 day."
Today, the FBI also seized domains used by:
- MySellIX (mysellix.io) and SellIX (sellix.io), two platforms that allowed users to create their own online stores, which threat actors also used to sell stolen data, software keys, and compromised accounts, and
- StarkRDP (starkrdp.io), a Windows RDP virtual hosting provider that some threat actors allegedly used for credential stuffing attacks.
FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to
International law enforcement operation targets group of cybercrime websites | Reuters
Comments