Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed?
Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed? - Via Threat Level:
Did a leading spammer-tracking site help create a Ludlow-esque background legend for an undercover FBI agent infiltrating the computer underground?
One of the mysteries still surrounding the FBI's bold sting operation against DarkMarket's computer fraudsters concerns the online identity assumed by Pittsburgh FBI agent J. Keith Mularski, who took control of the top English-speaking crime website under the handle Master Splynter.
At the time Mularski joined DarkMarket as an administrator two years ago, the U.K.-based spam fighting site Spamhaus featured an extensive public profile of Master Splynter, complete with a laundry list of nefarious activities sufficient to assure any member of the computer underground of Splynter's bona fides.
Pavel Kaminski aka "Master Splyntr" runs a loosely organized spam and scam crew from Eastern Europe. Possibly a BadCow affiliate. He is linked to:
proxy spam
phishing
pump'n'dump
javascript exploits
carder forums
botnets
The profile goes on to include samples of scammy spam messages allegedly sent out by "Pavel Kaminski."
Yesterday, we theorized that Mularski took over Master Splytner's identity sometime after 2005. If he did, though, he didn't just take the handle. Mularski was using the same ICQ number and e-mail address identified as Splytner's on Spamhaus.
And, interestingly, the Master Splynter profile was mysteriously removed from Spamhaus Monday a few hours after German radio first reported the DarkMarket sting.
I asked Spamhaus about the removal yesterday, and a spokesman said it was a routine purge of old information. But noting that Spamhaus has a working relationship with the non-profit National Cyber Forensics Training Alliance in Pittsburgh -- where Mularski ran the sting -- Threat Level reader NuffSaidFred theorizes that "Pavel Kaminski" never existed.
"Did Spamhaus create a fake history of badness to back Splynter up with the forum criminals," he writes. "Or is it just a huge coincidence that Spamhaus has a 'NCFTA' logo on their site which just happens to be the Fed agency Splynter operated from?! Ha!"
We posed that question to Spamhaus founder Steve Linford today.
"We do work with the NCFTA (we also recently got an award from them ... which we're very proud of), but we can not comment on the DarkMarket sting operation," Linford wrote.
The award is dated September 29, two weeks after Master Splynter announced DarkMarket's closure. But we can't find a press release about it anywhere. It's kind of reminiscent of the highly-classified honors the CIA hands out to covert operatives.
The NCFTA's civilian CEO, Ron Plesco, didn't immediately return a phone call Tuesday. I toured the NCFTA last month, and Plesco said he wasn't aware of any sting operation being run by the office's seven-agent FBI unit.
See Also:
- Cybercrime Supersite 'DarkMarket' Was FBI Sting, Documents Confirm
- Notorious Crime Forum DarkMarket Goes Dark
- Turkish Police Arrest Alleged ATM Hacker-Kidnapper
- Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as Warning
(Read Original Article - Via Threat Level.)
Twitter
Digg
StumbleUpon
Technorati
del.icio.us
Facebook
Furl
LinkedIn
YahooRecent blog posts
- In Bid to Sway Sales, Cameras Track Shoppers
- Unprecedented 25-Year Sentence Sought for TJX Hacker
- EFF Appeals Dismissal of Warrantless Wiretapping Case
- Viacom Makes Its Case Against Yesterday's YouTube
- Obama supports Senators draft plan to rework U.S. immigration policy - Includes National Biometric ID card for all.
- Domain Names Can't Defend Themselves
- Hacker Disables More Than 100 Cars Remotely
- Judges Approves $9.5 Million Facebook ‘Beacon’ Accord
- Hooking Up The Big Brother Machine... And Fighting It
- Court: State Can Dump Non-Sex Offenders Into Registry
