Four international suspects have been indicted by a grand jury in connection with the operation of the now defunct hacking forum Darkode. One of the three suspects has been arrested in the United States. The suspects overseas are still at large.
A criminal indictment and four arrest warrants were unsealed today charging an American, a Slovenian, a Serbian, and a Spaniard with a racketeering conspiracy to develop and distribute malware through the major computer hacking forum known as Darkode.
U.S. Attorney Jessie K. Liu for the District of Columbia, and John Selleck, Acting Assistant Director in Charge of the FBI’s Washington Field Office made the announcement.
- Thomas McCormick, aka fubar, 26, of Washington state, in the United States;
- Matjaz Skorjanc, aka iserdo aka serdo, 32, of Maribor, Slovenia;
- Florencio Carro Ruiz, aka NeTK aka Netkairo, 40, of Vizcaya, Spain;
- and Mentor Leniqi, aka Iceman, 35, of Gurisnica, Slovenia.
have been charged with:
- racketeering conspiracy
- conspiracy to commit wire fraud and bank fraud.
Under the reckateering conspiracy, the defentants also face the charges of:
- conspiracy to commit bank, wire, and access device fraud;
- identity theft;
- and extortion.
McCormick is also charged with five counts of Aggravated Identity Theft.
The indictment was filed under seal on Dec. 4, 2018, in the U.S. District Court for the District of Columbia. McCormick was arrested on Dec. 10, 2018, at the FBI’s Washington Field Office in Washington, D.C. Skorjanc, Leniqi, and Ruiz remain fugitives.
As alleged in the charging documents, Darkode was a criminal organization centered around an online, password-protected criminal forum where high-level international hackers and other cyber-criminals convened to develop, buy, sell, trade, and share hacking tools, information, and ideas. Before becoming a member of Darkode, prospective members were vetted through a process in which an existing member invited a prospective member to the forum to present the skills or products that he or she could bring to the group. Darkode members allegedly used each other’s skills and products to infect computers and electronic devices of victims around the world with malware and, thereby gain access to, and control over, those devices.
The investigation was conducted by Europol’s European Cyber Crime Center (EC3) and the FBI in Washington D.C.