informa
/
Risk
Quick Hits

German Authorities Shut Down Cybercrime Ring's Web Forum

Forum sold identity-theft tools, swapped information about malware and manufacturing phony credit cards
Law enforcement officers in Germany have pulled the plug on a notorious Web forum where cybercriminals exchanged malware and password-stealing tools.

The Landeskriminalamt police Internet crime unit announced that it had shut down the www.codesoft.cc forum, which had been used by cybercriminals to swap information on malware, spyware, and making phony credit cards, according to Sophos.

A 22-year-old Swiss man -- known online as "tr1p0d" and the alleged leader of the site -- reportedly sold password-stealing malware. Police confiscated from tr1p0d's apartment incriminating hard drives and codesoft.cc's database of users and IP addresses.

Two German men, both in their 20s, as well, are suspected of infecting some 80,000 computers around the world with tr1p0d's so-called "Codesoft PW Stealer" Trojan, which steals passwords. They also allegedly sold the stolen data to other cybercriminals.

The stolen data was found on a server hosted at a German ISP, which led authorities to the two German suspects, according to a published report. The server housed user names and passwords of the victim machines, as well as online banking, auctions, or online payment account information.

"Obviously the authorities will be keen to identify victims as they put their case against the suspects together, and the public are being reminded of the importance of changing their passwords if they have been compromised," blogged Sophos' Graham Cluley.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5