
An Europol-supported operation has dismantled two of the internet’s largest and most notorious cybercrime forums: Cracked and Nulled. These platforms, having a combined user base of over 10 million, acted as sprawling marketplaces for illegal goods and services, effectively lowering the barrier to entry for aspiring cybercriminals. As Europol stated, these sites were “one-stop shops… used not only for discussions on cybercrime but also as marketplaces for illegal goods and cybercrime-as-a-service, such as stolen data, malware or hacking tools.”
The takedown, executed between January 28th and 30th and led by German authorities with the involvement of eight countries, represents a significant victory in the fight against online crime. The operation resulted in the arrest of two suspects, the seizure of seven properties, 17 servers, and over 50 electronic devices. Authorities also confiscated around €300,000 in cash and cryptocurrencies, along with 12 domains associated with Cracked and Nulled. The reach of the operation extended further, taking down associated services including Sellix, a financial processor used by Cracked, and StarkRDP, a hosting service promoted on both platforms and operated by the same suspects. Investigators estimate that the suspects raked in a staggering €1 million in criminal profits.
Europol played a crucial role in the operation, providing “operational, analytic and forensic support to authorities involved in the case.” They deployed specialists and analysts on the ground to collaborate directly with German investigators, and their European Cybercrime Centre (EC3) facilitated information exchange through the Joint Cybercrime Action Taskforce (J-CAT). This collaborative approach underscores Europol’s commitment to “act as the broker of law enforcement knowledge, providing a hub through which Member States can connect and benefit from one another’s and Europol’s expertise.”
The takedown highlights the growing threat of “cybercrime-as-a-service.” Platforms like Cracked and Nulled have become hubs for individuals with varying levels of technical skill, offering readily available tools and infrastructure for launching cyberattacks. This cybercrime is facilitated by the sharing of vulnerabilities, tutorials on malware creation, and other malicious activities. “These two forums also offered AI-based tools and scripts to automatically scan for security vulnerabilities and optimise attacks,” Europol noted. The platforms even facilitated the development and sharing of advanced phishing techniques, sometimes leveraging AI for more personalized and convincing attacks.