ShadowCrew
From Wikipedia, the free encyclopedia
ShadowCrew was an international crime message board that offered a haven for carders or "hackers" to trade, buy, and sell anything from stolen personal information, to hacked credit card numbers and false identification. Shadowcrew emerged from another underground site, www.counterfeitlibrary.com in early 2002 and would be followed up by www.carderplanet.com, a primarily Russian site. It was created by a handful of people, most notably Kidd (real name is unknown), MacGyver (Kim Taylor), and CumbaJohnny, who would later become an informant for the Secret Service beginning April 2003. Other key players who would become Administrators and Moderators were Deck (Andrew Mantovani), BlackOps (David Appleyard) and a handful of others.
Shadowcrew grew to over "3,000 members" (many were "clones" and inactive accounts) worldwide with a small group of members leading the forums. During its early years, the site was hosted overseas, in Hong Kong, but shortly before CumbaJohnny's arrest, the server was in his possession, somewhere in New Jersey. The site worked off a "Review Process." If you had items you would like to sell, such as forged documents or credit card numbers, you would send them into high-ranking members for review. If you passed the review process you became a "Vendor" on Shadowcrew and were given permission to sell your wares.
The site flourished from the time it opened in 2002 until its demise in late October 2004. Even though the site was booming with criminal activity and all seemed well, the members did not know what was going on behind the scenes. Federal agents, who gained nothing but headaches from tracking Internet crime, received their "big break," when they found CumbaJohnny. Upon Cumba's arrest, he immediately turned and started working with federal agents. From April 2003 to October 2004, Cumba assisted in gathering, entrapping, and monitoring the site and those who dwelled on it. He started by taking out many of the Russians who were hacking databases and selling counterfeit credit cards. Some of the first to be arrested before Oct. 2004, were Bigbuyer, BOA, and Wolfrum. Although they were being arrested, no reports of it being linked to Shadowcrew ever came about at the time.
Business continued as usual on Shadowcrew, credit cards were sold and identification forged, all while the Secret Service monitored everything that went on and built cases against high ranking members. Most members were aware that authorities would monitor the site and took measures to prevent their identities from being known. These tactics included proxies, VPNs (Virtual Private Networks), WiFi and other anonymizing techniques. However, members that trusted CumbaJohnny's VPN Service would be the ones that would face their ultimate downfall. CumbaJohnny offered a VPN service as a way for well-known members to connect to the internet through a secure gateway. VPNs were thought to be a reasonably safe method to stay anonymous in the community, but were always considered slightly risky due to the safety being in the hands of the person who maintained it. Nearly all of the top ranking members who were still around in 2004, used Cumba's VPN.
After a year of monitoring and building evidence against the members of Shadowcrew, the Secret Service finally played their cards, hoping no one had caught on. The government, as paranoid as any of the criminals on the site, became worried when a member of Shadowcrew who went by Ethics (Nicolas Jacobsen), allowed several members to see confidential documents he had obtained through hacking the databases of T-Mobile with an SQL injection. The documents belonged to a Secret Service agent who had been tracking both Jacobsen and Shadowcrew. Allegedly, the documents gave a list of names and drop addresses of certain former (now arrested) and perhaps current Shadowcrew Members. Cumba, being the top member of Shadowcrew after Kidd's departure and MacGyver's arrest, was made aware of bits of the information by others who had seen it. Although it isn't certain who saw the information or what it was exactly, it contained, it must have not been enough to alarm anyone.
On October 26, 2004 the Secret Service, in accordance with police around the world, conducted a series of raids on 28 members of Shadowcrew, within a total of eight to ten hours. Within days, the arrests were blown out of proportion in the mainstream media, claiming all sorts of wild accusations, such as Shadowcrew being an "Internet Mafia" and Mantovani as the "Godfather." Every article failed to mention that the actual person running the site was really the informant. Aside from that, Shadowcrew was not the mafia — there was no centralized account, threats by Administrators and Moderators never came to more than a banning, which would in the admonished member created a new account within minutes. In actuality, Shadowcrew was more-or-less like every other forum, only it was a forum dedicated to fraud. Other such claims were monetary figures running into the millions that were backed by no evidence.
It has not been stated, but one can assume that these members were all users of CumbaJohnny's VPN Service, which led to their locations. Those who had not been caught, either did not use the VPN, were not important enough to arrest, or had been ostracized from the community. As of August 2006, most of those indicted after October 2004 have pled guilty and have been sentenced. The most publicized and longest sentence was that of Mr. Mantovani, who was given 32 months in a Federal Prison Camp.
It is believed that the void left by these forums was picked up by various law enforcement agencies to try and carry on in their crusade against fraud. Many sites appeared after Shadowcrew's demise, one of which was specifically focused on unraveling the mysteries of what actually happened. This site, thegrifters.net, was run by a formerlly indicted member (El Mariachi) in which he converted his old fraud site to an investigative site. Members of this group uncovered and compiled many pieces of information on the indicted members of shadowcrew untill thegrifters.net was taken down in early 2006.
[edit] Clarifications
4,000 members: The Federal indictment says: “Shadowcrew was an international organization of approximately 4,000 members…” There is no proof of there actually being 4,000 members. The last available page before October 27, 2004 on archive.org[1] shows 2,709 registered members. Even this number is not an accurate estimate of the true number of members as registration was free. To people familiar with the ShadowCrew forum, it is well known that many members had multiple user names. Members who were banned from the forum would frequently register with another user name as well. Lastly, the forum was around for over 2 years so there were likely many inactive accounts.
$4 million dollars in losses: The government was unable to find any concrete proof that the defendants in Operation: Firewall were responsible for any specific losses. The $4,000,000 figure was arrived at by multiplying the number of credit cards transferred by $500 each (as per federal law when no monetary figure in a fraud case can be determined). This figure assumes that every single card was valid and had been used. [2]
[edit] External links
- Archives of shadowcrew.com
- 'ShadowCrew Indictment
- Business Week "Hacker Hunters" article
- Another article in Business Week which mentions ShadowCrew in the conext of e-gold