DarkMarket Carding (Credit Card Fraud) Site Part of FBI Sting


You may remember the story about the Pro ATM Hacker ‘Chao’ and his Tips a while back, apparently that was the start of a big global sting operation on credit card fraud.

Chao was admin/moderator on a community of carders (where they bought/sold stolen credit card info) called DarkMarket and the first to be busted, it turns out the site was actually ran by an FBI agent (J. Keith Mularski AKA Master Splynter) and operated by the National Cyber Forensics Training Alliance (NCFTA)

There have been many reports this week that fraud website DarkMarket, which closed earlier this month, was shut down because of an international intelligence operation, which has lead to up to 60 people being arrested.

All is not as it seems, however, as CNET is stating that the website was all part of an FBI sting operation. It all stems from an article in Wired, where they uncovered that the webmaster of the site was non other than J. Keith Mularski, a senior FBI agent, going under the guise of Master Splynter.

Splynter wrote on the site, just before its demise: “I guess it was only time before this would happen. It is very unfortunate that we have come to this situation, because … we have established DM as the premier English speaking forum for conducting business. Such is life. When you are on top, people try to bring you down.”

There have been multiple arrests in UK following the sting, it seems like this was a very long and rather successful operation taking down a number of key players.

60 arrests is a pretty decent number, each of them must have perpetrated quite a lot of fraud so you can imagine the money being saved with these guys behind bars.

The elaborate ruse is backed up by information uncovered by Südwestrundfunk, a German radio network, who found out the site was being operated by the National Cyber Forensics Training Alliance (NCFTA).

Sting or not, the closing down of the website has lead to 60 arrests, with one person charged with purchasing £250,000 pounds’ worth of stolen data in under two months.

Recent arrests in the UK have so far been made in Leicester, Manchester, Humberside, South Yorkshire and London. DarkMarket administrator Cagatay Evyapan, aka Cha0, was arrested by Turkish police at the beginning of September.

That’s a lot of stolen cards, I wonder how they even get all this information? I guess they have multiple ways with online info being exposed…a lot of the hacks don’t even get published, just covered up.

Then oldskool physical methods like tagging/cloning in petrol stations and restaurants, rigging ATM machines and just plain stealing the cards from the mail.

Source: Techradar (Thanks Navin!)

Posted in: Legal Issues, Privacy, Spammers & Scammers


Latest Posts:


OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.


7 Responses to DarkMarket Carding (Credit Card Fraud) Site Part of FBI Sting

  1. Navin October 20, 2008 at 6:26 pm #

    Again and again

    Cheers :) !!

  2. Morgan Storey October 20, 2008 at 11:39 pm #

    Ah good old honeypots for id theft. Next they need to setup a bank, make it corporate only minimum 1mill balance and have a bot army doing fake logins, then watch for the mitm attacks.

  3. Gul October 21, 2008 at 8:24 am #

    Hooray for NCFTA :)

  4. navin October 21, 2008 at 2:00 pm #

    Gul said ‘Hooray for NCFTA’

    hehehehehe :)

  5. Gul October 21, 2008 at 3:06 pm #

    Might have congratulate SpamHaus for their fake data on Mularski too ;)

  6. goodpeople October 27, 2008 at 8:37 am #

    Strike one for the good guys…

  7. zakowako January 18, 2009 at 11:46 am #

    there was a fake bank set up with no protection on it to see how many attacks (and what types) would be performed on it and how quickly. i cant remember the exact number but it was v.funny.

    GOOD ol WIRED