meta name="twitter:card" content="summary" />

Infinity Forum: Another Killnet Social Circle


February 9, 2023 05:00 PM

Infinity Team, a collaboration between Killnet and Deanon Club, has established its own forum and marketplace called Infinity. The forum offers advertisement spaces, paid status for those who want to perform business on the forum, and is currently offering a variety of hacking resources and services through its hack shop, including DDoS services.

Download a Copy Now

Background

Hacker forums are online communities, found on both the clear and darknet, where individuals, ethical and malicious, gather to discuss vulnerabilities, exploits, and other tools used for hacking. The information and knowledge gained from these forums can be valuable and used for various purposes, including improving one's security posture or engaging in illegal activities.

EXPLOIT FORUM

Exploit.in is a Russian hacker forum that has been active for almost two decades. It is a platform where individuals can discuss various topics related to computer security, including hacking techniques, exploits, and vulnerabilities. The forum provides a platform for sharing information and tools, allowing members to collaborate and learn from each other. XSS is another Russian-speaking hacking forum covering similar topics.

Figure 3: KillMilk interview with Russia Today Figure 1: Exploit forum

Some of the recent and notable threat actors operating on Exploit and XSS include ransomware operators who are either advertising their operations or engaging in social discussions about trending topics. For example, after the disclosure of the Meris botnet in 2021, a LockBit member going by the alias of 'LockBitSupp,' posted a message requesting the bot herder behind Meris to contact him.


SEIZURE OF RAIDFORUMS

Last year, the U.S. Department of Justice announced the seizure of RaidForums, a popular forum for cybercriminals to buy and sell stolen data. The founder and administrator of the website, Diogo Santos Coelho, was arrested in the U.K. and is currently in custody awaiting extradition to the U.S. The U.S. government, at the time, had obtained judicial authorization to seize three domains associated with the website, which included "Raidforum.com", "Rf.ws", and "Raid.lol". Before its seizure, RaidForums' members used the platform to sell hundreds of databases of stolen data containing over 10 billion unique records for individuals worldwide.

SEIZURE OF RAIDFORUMSFigure 2: RaidForums takedown announcement
SOLARIS DARKNET MARKETPLACEFigure 3: Solaris marketplace

SOLARIS DARKNET MARKETPLACE

Solaris was a prominent darknet marketplace. Online marketplaces allow members to buy and sell illegal goods including narcotics, exploits, and credentials. To ensure everyone's privacy, these marketplaces utilize encryption and other anonymity-enhancing technologies such as Tor and I2P. Despite the inherent risks, over the last decade, darknet marketplaces have become a popular avenue for criminals due to the ease of access and difficulty for law enforcement to track their activity.

SEIZURE OF HYDRA

The U.S. Justice Department, in coordination with German law enforcement, announced last year that they shut down the largest darknet marketplace Hydra. The marketplace, used primarily by Russian-speaking members, facilitated the sale of illegal goods and services, including drugs, financial information, and laundering services. Officials, at the time, also announced charges against a Russian resident, Dmitry Pavlov, for conspiracy to distribute narcotics and commit money laundering in connection to his operation and administration of the servers used to run Hydra.

SEIZURE OF HYDRAFigure 4: Hydra marketplace takedown announcement
SOLARIS HIJACKEDFigure 5: Solaris landing page after Kraken hijacked it

SOLARIS HIJACKED

On January 13th, 2022, Solaris was hacked and taken over by a rival marketplace, Kraken. Last year, Solaris and Kraken replaced Hydra following its takedown as one of the largest darknet marketplaces. Solaris processed approximately $150 million in sales of drugs and other illicit goods. Solaris had also previously donated to the pro-Russian hacktivist group Killnet, which allegedly helped Solaris to gain market share on Kraken. The takeover by Kraken, which is also considered a Russian-minded marketplace, was purely driven by market interests and not based on politics.

 

Click here to download a copy of the ERT Threat Alert.

Download Now

 

 

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia
Events