Pierluigi Paganini January 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. 

An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. 

The message displayed on the targeted cybercrime websites states that authorities have seized the platforms, along with information about their customers and victims.

The announcement published by Europol states that Cracked and Nulled, two of the largest cybercrime forums in the world, were seized as a result of an operation led by German authorities and involving law enforcement from eight countries (Australia, France, Greece, Italy, Romania, Spain, and the United States).

The two cybercrime communities, Cracked and Nulled, had more than 10 million users. These platforms allowed users to discuss cybercriminal activities and buy or sell illegal goods and cybercrime-as-a-service, including stolen data, malware or hacking tools.

According to the investigators, suspects earned EUR 1 million in criminal profits from the activities linked to the platforms.

Between January 28 and 30, authorities conducted an operation that resulted in significant law enforcement actions. Two suspects were arrested, and searches were carried out at seven properties. Investigators seized 17 servers and more than 50 electronic devices, disrupting potential illicit activities. Additionally, approximately EUR 300,000 in cash and cryptocurrencies were confiscated, highlighting the scale of the operation and the financial assets involved.

“Throughout the course of the action day, 12 domains within the platforms Cracked and Nulled were seized. Other associated services were also taken down; including a financial processor named Sellix which was used by Cracked, and a hosting service called StarkRDP, which was promoted on both of the platforms and run by the same suspects.” reads the announcement published by the EUROPOL.

The operators behind the Cracked platform confirmed the seizure on their Telegram channel.

“Now that everyone has more clarity on the situation, Cracked.io has been seized under operation talent with specific reasons being undisclosed. We are still waiting for the official court documentation from the data centre and the domain host. We will inform you guys further on those details once we have it.

A sad day indeed for our community.” reads their message.

“Cybercrime-as-a-service is a growing trend on platforms like Cracked.io and Nulled.to.” concludes the announcement. “These two forums also offered AI-based tools and scripts to automatically scan for security vulnerabilities and optimise attacks. Advanced phishing techniques are frequently developed and shared on these platforms, sometimes employing AI to create more personalised and convincing messages. As cybercrime becomes more aggressive and confrontational, Europol aims to strengthen the fight against this sort of crime by bringing relevant partners together for cross-border cooperation and joint action.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Operation Talent)