Infinity Team, a collaboration between Killnet and Deanon Club, has established its own forum and marketplace called Infinity. The forum offers advertisement spaces, paid status for those who want to perform business on the forum, and is currently offering a variety of hacking resources and services through its hack shop, including DDoS services.
Download a Copy Now
Hacker forums are online communities, found on both the clear and darknet, where individuals, ethical and malicious, gather to discuss vulnerabilities, exploits, and other tools used for hacking. The information and knowledge gained from these forums can be valuable and used for various purposes, including improving one's security posture or engaging in illegal activities.
Exploit.in is a Russian hacker forum that has been active for almost two decades. It is a platform where individuals can discuss various topics related to computer security, including hacking techniques, exploits, and vulnerabilities. The forum provides a platform for sharing information and tools, allowing members to collaborate and learn from each other. XSS is another Russian-speaking hacking forum covering similar topics.
Figure 1: Exploit forum
Some of the recent and notable threat actors operating on Exploit and XSS include ransomware operators who are either advertising their operations or engaging in social discussions about trending topics. For example, after the disclosure of the Meris botnet in 2021, a LockBit member going by the alias of 'LockBitSupp,' posted a message requesting the bot herder behind Meris to contact him.
SEIZURE OF RAIDFORUMS
Last year, the U.S. Department of Justice announced the seizure of RaidForums, a popular forum for cybercriminals to buy and sell stolen data. The founder and administrator of the website, Diogo Santos Coelho, was arrested in the U.K. and is currently in custody awaiting extradition to the U.S. The U.S. government, at the time, had obtained judicial authorization to seize three domains associated with the website, which included "Raidforum.com", "Rf.ws", and "Raid.lol". Before its seizure, RaidForums' members used the platform to sell hundreds of databases of stolen data containing over 10 billion unique records for individuals worldwide.
Figure 2: RaidForums takedown announcement
Figure 3: Solaris marketplace
SOLARIS DARKNET MARKETPLACE
Solaris was a prominent darknet marketplace. Online marketplaces allow members to buy and sell illegal goods including narcotics, exploits, and credentials. To ensure everyone's privacy, these marketplaces utilize encryption and other anonymity-enhancing technologies such as Tor and I2P. Despite the inherent risks, over the last decade, darknet marketplaces have become a popular avenue for criminals due to the ease of access and difficulty for law enforcement to track their activity.
SEIZURE OF HYDRA
The U.S. Justice Department, in coordination with German law enforcement, announced last year that they shut down the largest darknet marketplace Hydra. The marketplace, used primarily by Russian-speaking members, facilitated the sale of illegal goods and services, including drugs, financial information, and laundering services. Officials, at the time, also announced charges against a Russian resident, Dmitry Pavlov, for conspiracy to distribute narcotics and commit money laundering in connection to his operation and administration of the servers used to run Hydra.
Figure 4: Hydra marketplace takedown announcement
Figure 5: Solaris landing page after Kraken hijacked it
On January 13th, 2022, Solaris was hacked and taken over by a rival marketplace, Kraken. Last year, Solaris and Kraken replaced Hydra following its takedown as one of the largest darknet marketplaces. Solaris processed approximately $150 million in sales of drugs and other illicit goods. Solaris had also previously donated to the pro-Russian hacktivist group Killnet, which allegedly helped Solaris to gain market share on Kraken. The takeover by Kraken, which is also considered a Russian-minded marketplace, was purely driven by market interests and not based on politics.