Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed?
Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed? - Via Threat Level:
Did a leading spammer-tracking site help create a Ludlow-esque background legend for an undercover FBI agent infiltrating the computer underground?
One of the mysteries still surrounding the FBI's bold sting operation against DarkMarket's computer fraudsters concerns the online identity assumed by Pittsburgh FBI agent J. Keith Mularski, who took control of the top English-speaking crime website under the handle Master Splynter.
At the time Mularski joined DarkMarket as an administrator two years ago, the U.K.-based spam fighting site Spamhaus featured an extensive public profile of Master Splynter, complete with a laundry list of nefarious activities sufficient to assure any member of the computer underground of Splynter's bona fides.
Pavel Kaminski aka "Master Splyntr" runs a loosely organized spam and scam crew from Eastern Europe. Possibly a BadCow affiliate. He is linked to:
proxy spam
phishing
pump'n'dump
javascript exploits
carder forums
botnets
The profile goes on to include samples of scammy spam messages allegedly sent out by "Pavel Kaminski."
Yesterday, we theorized that Mularski took over Master Splytner's identity sometime after 2005. If he did, though, he didn't just take the handle. Mularski was using the same ICQ number and e-mail address identified as Splytner's on Spamhaus.
And, interestingly, the Master Splynter profile was mysteriously removed from Spamhaus Monday a few hours after German radio first reported the DarkMarket sting.
I asked Spamhaus about the removal yesterday, and a spokesman said it was a routine purge of old information. But noting that Spamhaus has a working relationship with the non-profit National Cyber Forensics Training Alliance in Pittsburgh -- where Mularski ran the sting -- Threat Level reader NuffSaidFred theorizes that "Pavel Kaminski" never existed.
"Did Spamhaus create a fake history of badness to back Splynter up with the forum criminals," he writes. "Or is it just a huge coincidence that Spamhaus has a 'NCFTA' logo on their site which just happens to be the Fed agency Splynter operated from?! Ha!"
We posed that question to Spamhaus founder Steve Linford today.
"We do work with the NCFTA (we also recently got an award from them ... which we're very proud of), but we can not comment on the DarkMarket sting operation," Linford wrote.
The award is dated September 29, two weeks after Master Splynter announced DarkMarket's closure. But we can't find a press release about it anywhere. It's kind of reminiscent of the highly-classified honors the CIA hands out to covert operatives.
The NCFTA's civilian CEO, Ron Plesco, didn't immediately return a phone call Tuesday. I toured the NCFTA last month, and Plesco said he wasn't aware of any sting operation being run by the office's seven-agent FBI unit.
See Also:
- Cybercrime Supersite 'DarkMarket' Was FBI Sting, Documents Confirm
- Notorious Crime Forum DarkMarket Goes Dark
- Turkish Police Arrest Alleged ATM Hacker-Kidnapper
- Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as Warning
(Read Original Article - Via Threat Level.)
Delicious
Digg
Reddit
Google
Yahoo
TechnoratiRecent blog posts
- A Remedy for Every Wrong? Why We Need a Consistent Privacy Act
- Give Me My Health Data!
- CDT, EFF and PK File Brief in Ringtones Case
- Pirate Bay 2.0: Pay Pirates to Become Consumers
- Judge Acquits Lori Drew in Cyberbullying Case, Overrules Jury
- Apple patching serious SMS vulnerability on iPhone
- Enter the Advertisers - self-regulatory principles ?
- Out of business, Clear may sell customer data
- TSA asked to ensure safety of customer data after Clear closing
- Several Facts about Google and HTTPS
