FBI Seizes Internet Domains Associated with Major Cybercrime Ring; 17M Victims | Strategic Revenue

WASHINGTON, D.C. – A multi-jurisdictional operation involving the Federal Bureau of Investigation (FBI) and several other law enforcement agencies has resulted in several well-known internet domains being seized that were a part of a major cybercrime ring responsible for hacking and stealing credentials from digital marketplaces.

As of Wednesday, the Cracked.io and Nulled.to internet forums – long known as havens for threat actors who engaged in password theft, software piracy, and credential-stuffing attacks – now redirect to severs controlled by the FBI, with visitors now receiving a landing page with a graphic message saying that the sites have been seized by a coalition of international law enforcement partners, which includes Europol and representatives of Australia, France, Germany, Greece, Italy, and Spain.

In addition, several other domains were seized by authorities, including SellIX – which enabled cyber crooks to create virtual storefronts for selling illegal goods – and StarkRDP, which is a Microsoft Windows-based remote desktop hosting service that was purportedly utilized by hackers to carry out their attacks anonymously.

🚨 Big day on the dark web! Possibly a major FBI takedown of two underground sites—Cracked & Nulled. Their DNS now points to FBI infrastructure, and both are offline. Even seasoned cybercriminals seem confused. More updates soon 👇 pic.twitter.com/0o68i97XAZ
— Overwatch (@Overwatch_data) January 29, 2025

Despite hosting legitimate discussions about hacking, Cracked and Nulled had also been known for a seedy underbelly that supported cybercriminals, making lists of stolen usernames and passwords, cracked software licenses, and automated credential-stuffing attack tools available for sale to users in an illicit marketplace.

Nulled[.]to and Cracked[.]to have been officially seized by Law Enforcement pic.twitter.com/JXht8uttfR
— vxdb (@vxdb) January 29, 2025

Thanks to the information and services made available by these now shut-down sites, threat actors have carried out major data breaches over the years that have impacted millions – both in terms of consumers and businesses – all over the world.

Wednesday’s seizure of Cracked, Nulled, SellIX, and StarkRDP represents a strong effort on the part of global authorities to dismantle cybercrime rings; this action goes hand-in-hand with last year’s seizure by another international law enforcement partnership of BreachForums, a message board where threat actors bought and sold hacked and stolen data, compromised credentials, and other illegal goods and services.

John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

Leave a Reply Cancel reply