The US Department of Justice (DOJ) has charged 36 suspects for their role in Infraud, a cyber-criminal organization that has been involved in the acquisition, sale, and dissemination of stolen identities, stolen debit and credit card data, personally identifiable information (PII), financial and banking information, computer malware, and other.
Of the 36 suspects, the DOJ says law enforcement agencies across seven countries have already arrested 13 individuals.
According to a DOJ indictment, the suspects ran or frequented an underground forum named Infraud, previosuly located at infraud[.]cc and infraud[.]ws, but moved to new, more secretive URLs since its creation, in October 2010.
Investigators say the forum was a common meeting place for cyber-criminals peddling stolen credit/debit card information obtained by breaching the online servers of various companies, or via PoS or ATM malware.
The Infraud forum evolved across the years from a basic "carding forum" for dumping "fullz" to a central hub where many cyber-criminals involved in online fraud met to exchange or learn new techniques, advertise their own carding shops, or sell adjacent hardware (equipment), software (malware), or services that aided other cyber-criminals.
Infraud had a similar members hierarchy seen on Dark Web marketplaces such as AlphaBay or Hansa Market, with administrators (4DMini57r470rz), super-moderators (Super
MODER470R5), and moderators (M0d3r4
70r2) ruling over regular users such as vendors (known as Professors or Doctors), VIP members (Fratello Masons), and regular members (Phr4Ud573r).
Each user category had a strict set of rules it needed to abide by. Access to the Infraud community and all its benefits was restricted to only manually-approved users, with administrators regularly removing inactive users or members who violated community rules.
The Infraud's community's leader was a man named Svyatoslav Bondarenko ("Obnon," "Rector," "Helkern,") 34, of Ukraine, which was also an administrator of the now-defunct Darklife.ws carding forum.
The other 35 suspects charged by the DOJ, varying from moderators to lowly users, include:
The DOJ indictment suggests members didn't know each other's real names and retained anonymity when doing business with each other.
Arrests were made in Australia, France, Italy, Kosovo, Serbia, the UK, and the US. Law enforcement agencies from Albania and Luxembourg also participated in the investigation.
The Infraud organization's name came from its forum motto: In Fraud We Trust! The law enforcement operation to take down Infraud was named Operation Shadow Web.