Hackers and identity thieves use underground Internet forums to buy, sell and trade malware, botnets, and information used to commit cybercrimes around the globe. Recently the Justice Department announced the dismantling of perhaps the most prominent of the approximately 800 criminal forums, Darkode, and the arrest of twelve of its principals. Among the charged defendants is the primary administrator of Darkode, 27-year-old Johan Anders Gudmunds of Sweden. An important aspect of this action against Darkode was that it was the joint effort of a coalition of law enforcement from 20 countries, the largest coordinated international law enforcement effort ever brought against cybercriminals.
Darkode was a password-protected forum where cybercriminals would buy, sell, trade and share information, ideas and malware. In order to become a member of Darkode, a criminal would first have to be recommended by a current member of Darkode and would have to prove that he or she would bring new skills or products to the group. In addition, prospective members had to go through an extensive vetting process.
One of the key elements of Darkode and many other illegal cybercriminal enterprises is the use of botnets, networks of infected "zombie" computers, to spread malware and avoid detection. Cybercriminals would take over the computers of unwary individuals and use those computers to remotely send out their malware to their targets, such as banks or other commercial enterprises. Many of you may actually be part of a botnet without knowing it. Most people become part of a botnet when they unwittingly download the malware that permits the cybercriminal to remotely take over the victim's computer. Usually this is done through phishing emails in which the victim is lured into clicking on a link infected with the malware. Even if you have the most up-to-date anti-malware software, you may be vulnerable because it generally takes the security software companies at least a month to catch up to the latest strains of malware. So the lesson for us all is one I am constantly preaching, namely never click on any link or download any attachment until you have verified that it is legitimate. Merely because it may be sent from a friend of yours does not mean that you can trust it. Your friend's email account may have been taken over by a hacker, or your friend may be passing on malware without even knowing it. Trust me, you can't trust anyone.