An online forum, among one of the more successful English-language forays into cybercrime, was shut down on Wednesday (July 15), and authorities around the world arrested 28 people connected with the site, Forbes reported.
The arrests, tied to the site Darkode, were confirmed by both the Federal Bureau of Investigations and Europol. In the U.S., charges were filed against a dozen individuals, with one of those identified as the creator of the site itself, 27-year-old Wisconsin native Daniel Placek. Others charged included an administrator, Johan Anders Gudmunds, also 27, who is also an alleged creator of Facebook Spreader — a malware that is used to bring Facebook users to a botnet, which functions as an army of infected machines.
And in what Forbes reported represented “one of the more surprising twists” in the case, the financial publication said another of the accused – 20-year-old Morgan Culbertson — had worked for two summers as a mobile malware intern at none other than FireEye, the U.S. cybersecurity firm.
Culbertson has been accused of being the force behind Dendroid malware, which targets the Android operating system, during his time at FireEye – and the malware was allegedly sold through the Darkode site. FireEye, for its part, told Forbes that it had suspended Culbertson from working at the firm.
The Dendroid malware – which enabled users to use Android-powered cameras to take pictures, video, and the phone itself to listen in on conversation – proved lucrative. The toolkit itself was being offered for $300 in bitcoin, but the code itself was selling for as much as $65,000, Forbes reported. There was also a guarantee in place that the malware would slip under the radar of security software and technology.