ShadowCrew
This article possibly contains original research. (August 2017) |
Type of site | Forum |
---|---|
Created by | Corrie |
Commercial | Yes |
Registration | Required to access features |
ShadowCrew was a cybercrime forum that operated under the domain name ShadowCrew.com between August 2002 and November 2004.[1]
Origins
The concept of the ShadowCrew was developed in early 2002 during a series of chat sessions between Brett Johnson (GOllumfun), Seth Sanders (Kidd), and Kim Marvin Taylor (MacGayver). The ShadowCrew website also contained a number of sub-forums on the latest information on hacking tricks, social engineering, credit card fraud, virus development, scams, and phishing.[2]
Organizational structure
ShadowCrew emerged early in 2002 from another underground site, counterfeitlibrary.com, which was run by Brett Johnson and would be followed up by carderplanet.com owned by Dmitry Golubov a.k.a. Script, a website primarily in the Russian language.[3] The site also facilitated the sale of drugs wholesale.[citation needed]
During its early years, the site was hosted in Hong Kong, but shortly before CumbaJohnny (Albert Gonzalez)'s arrest, the server was in his possession somewhere in New Jersey.[citation needed]
Aftermath and legacy
ShadowCrew was the forerunner of today's cybercrime forums and marketplaces. The structure, marketplace, review system, and other innovations began when Shadowcrew laid the basis of today's underground forums and marketplaces. Likewise, many of today's current scams and computer crimes began with Counterfeitlibrary and Shadowcrew. The site flourished from the time it opened in 2002 until its demise in late October 2004. Even though the site was booming with criminal activity and all seemed well, the members did not know what was going on behind the scenes. Federal agents received their "big break" when they found CumbaJohnny aka Albert Gonzalez.[4] Upon Cumba's arrest, he immediately turned and started working with federal agents.[5] From April 2003 to October 2004, Cumba assisted in gathering information and monitoring the site and those who utilized it.[5] He started by taking out many of the Russians who were hacking databases and selling counterfeit credit cards.[5] CumbaJohnny was a long term police informant who was responsible for teaching the US Secret Service how to monitor, trap and arrest the ShadowCrew.[6]
In addition to the US-led efforts, critical investigative contributions came from the Australian sector, spearheaded by cyber security expert Julian Neale and Craig Davis from the Victoria Police. Their diligent investigations initiated during the era of the Counterfeit Library and seamlessly transitioned to the Shadowcrew case.
Through intensive data gathering and comprehensive digital forensics, they achieved the necessary breakthroughs that facilitated the identification of key suspects. These efforts led to multiple arrests in Australia, significantly undermining Shadowcrew's operations.
Moreover, their extensive and meticulous research provided a wealth of data that proved instrumental for other law enforcement agencies globally in their respective pursuit of cybercriminals. Their commitment and efforts were pivotal in disrupting the operations of this formidable cybercrime network.
The Federal indictment says, "Shadowcrew was an international organization of approximately 4,000 members…" The last available page before October 27, 2004 on archive.org[7] shows 2,709 registered members. To people familiar with the ShadowCrew forum, it is well known[citation needed] that many members had multiple user names. Members who were banned from the forum would frequently register with another user name as well. Lastly, the forum was around for over 2 years so there were possibly many inactive accounts.[8] However, there was also a need by members to develop a name that could be trusted; so it is possible that the idea that most of the registered users were duplicates isn't accurate.[9]
$4 million in losses is the believed amount dealt with through this forum. This figure was arrived at by multiplying the number of credit cards transferred by $500 each (as per federal law when no monetary figure in a fraud case can be determined). This figure assumes that every single card was valid and had been used.[10] The dollar figure quoted only pertains to the evidence gathered by the VPN employed and the members. The actual dollar figure is potentially much higher due to the fact that the $500 per card federal law wasn't in existence until after federal agents took down the site.[9]
ShadowCrew admin Brett Johnson managed to avoid being arrested following the 2004 raids, but was picked up in 2005 on separate charges, in which he then turned informant for the Secret Service. Continuing to commit tax fraud as an informant, 'Operation Anglerphish' embedded him, then dubbed by Secret Service agents as "The Original Internet Godfather", as admins on both ScandinavianCarding and CardersMarket. When his continued carding activities were exposed as a part of a separate investigation in 2006, he briefly went on the run and made the United States Most Wanted List before being caught in August of that year.[11]
In 2011, former Bulgarian ShadowCrew member Aleksi Kolarov a.k.a. APK was finally arrested and held in Paraguay before being extradited to the United States in 2013 to face charges.[12]
In 2019 CNN released an episode of Declassified: Untold Stories of American Spies detailing the Secret Service investigation into ShadowCrew.
In 2022 the Podcast Darknet Diaries made a two-part interview with GOllumfun and talked about insides from ShadowCrew.[13]
See also
References
- ^ Brian Grow, with Jason Heke Bush (May 30, 2005). "Hacker Hunters: An elite force takes on the dark side of computing". BusinessWeek. Archived from the original on May 22, 2005. Retrieved 2012-01-30.
- ^ Brett "GOllumfun" Johnson (29 June 2017). "The History of ShadowCrew, The Precursors of the Darkweb". Retrieved 17 December 2018.
- ^ Glenny, Misha (2011). DarkMarket: CyberThieves, CyberCops and You. p. 46. ISBN 9780887842399.
- ^ Poulsen, Kevin (2008-12-22). "One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards". Wired.com. p. 4. Retrieved 2009-01-05.
- ^ a b c Poulsen, Kevin (2008-08-05). "Feds Charge 11 in Breaches at TJ Maxx, OfficeMax, DSW, Others". Threat Level. Wired.com. Retrieved 2009-01-05.
- ^ Brad Stone (August 11, 2008). "Global Trail of an Online Crime Ring". New York Times. Retrieved January 30, 2012.
- ^ "Shadowcrew board". Shadowcrew. Archived from the original on 2004-07-01. Retrieved 2009-01-05.
- ^ Albert Breton (2009). Multijuralism: manifestations, causes, and consequences. Ashgate Publishing. ISBN 9780754679448. Retrieved 2012-01-30.
- ^ a b From Brett Johnson, a.k.a. GOllum
- ^ 2004 Federal Sentencing Guidelines Manual - Chapter 2 Archived 2006-09-25 at the Wayback Machine
- ^ Zetter, Kim (6 June 2007). "Secret Service Operative Moonlights as Identity Thief". Retrieved 16 August 2015.
- ^ Zetter, Kim (1 July 2013). "9 Years After Shadowcrew, Feds Get Their Hands on Fugitive Cybercrook". Retrieved 16 August 2015.
- ^ "Gollumfun (Part 1) – Darknet Diaries". darknetdiaries.com. Retrieved 2022-11-30.
External links
- Archives of shadowcrew.com
- shadowcrews complete forum archives
- 'ShadowCrew Indictment
- Business Week "Hacker Hunters" article
- Another article in Business Week which mentions ShadowCrew in the context of e-gold