ShadowCrew

From Wikipedia, the free encyclopedia

ShadowCrew was an international crime message board that offered a haven for carders or "hackers" to trade, buy, and sell anything from stolen personal information to hacked credit card numbers and false identification. Shadowcrew emerged from another underground site, counterfeitlibrary.com, in early 2002 and would be followed by carderplanet.com, a primarily Russian site.

Administration

It was created by a handful of people, most notably Kidd (real name unknown), MacGyver (Kim Taylor), and CumbaJohnny, who would later become an informant for the Secret Service beginning April 2003. Other key players who would become Administrators and Moderators were Deck (Andrew Mantovani), BlackOps (David Appleyard) and a handful of others. Shadowcrew grew to over "3,000 members" (many were "clones" and inactive accounts) worldwide, with a small group of members leading the forums. During its early years, the site was hosted overseas, in Hong Kong, but shortly before CumbaJohnny's arrest, the server was in his possession, somewhere in New Jersey. The site worked off a "Review Process." If you had items you would like to sell, such as stolen credit card numbers, "plastic" (fake credit cards), dumps (the information encoded onto the magnetic strip of a credit card), fake IDs for a number of different states, call forwarding services, credit report look-ups, full infos (which would allow someone to apply for a credit card, a bank account and other miscellaneous things), DDoS attacks, custom trojan software to log credit card information, online banking information, eBay account logins, e-gold account logins, and PayPal logs, hologram manufacturers who would make holograms for different states, carding services, where usually you would get 30% off the MSRP of whatever you wanted and the vendor would buy the merchandise with a stolen credit card, either in-store or online; bulletproof hosting for spamming and phishing websites, who used to sell stolen or carded items on their eBay account for a fee, and also drop services (where someone would set up anonymous mailboxes and have people send stuff for a certain fee and then ship it off to the customer.)

Downfall

The site flourished from the time it opened in 2002 until its demise in late October 2004. Even though the site was booming with criminal activity and all seemed well, the members did not know what was going on behind the scenes. Federal agents, who gained nothing but headaches from tracking Internet crime, received their "big break" when they found CumbaJohnny. Upon Cumba's arrest, he immediately turned and started working with federal agents. From April 2003 to October 2004, Cumba assisted in gathering, entrapping, and monitoring the site and those who dwelled on it. He started by taking out many of the Russians who were hacking databases and selling counterfeit credit cards. Some of the first to be arrested were Bigbuyer, BOA, and Wolfrum. Although they were arrested, no reports linking the arrests to Shadowcrew came about at the time.

Business continued as usual on Shadowcrew: credit cards were sold and identification forged, all while the Secret Service monitored everything that went on and built cases against high-ranking members. Most members were aware that authorities would monitor the site and took measures to prevent their identities from being known. These tactics included proxies, VPNs (Virtual Private Networks), WiFi and other anonymizing techniques. However, the members who trusted CumbaJohnny's VPN service would be the ones to face their ultimate downfall. CumbaJohnny offered a VPN service as a way for well-known members to connect to the internet through a secure gateway. VPNs were thought to be a reasonably safe method of staying anonymous in the community, but were always considered slightly risky because their safety was in the hands of the person who maintained them. Nearly all of the top-ranking members who were still around in 2004 used Cumba's VPN.

After a year of monitoring and building evidence against the members of Shadowcrew, the Secret Service finally played their cards, hoping no one had caught on. The government, as paranoid as any of the criminals on the site, became worried when a member of Shadowcrew who went by Ethics (Nicolas Jacobsen) allowed several members to see confidential documents he had obtained by hacking the databases of T-Mobile with an SQL injection. The documents belonged to a Secret Service agent who had been tracking both Jacobsen and Shadowcrew. Allegedly, the documents gave a list of names and drop addresses of certain former (now arrested) and perhaps current Shadowcrew members. Cumba, being the top member of Shadowcrew after Kidd's departure and MacGyver's arrest, was made aware of bits of the information by others who had seen it. Although it isn't certain who saw the information or what exactly it contained, it must not have been enough to alarm anyone.

On October 26, 2004, the Secret Service, in cooperation with police around the world, conducted a series of raids on 28 members of Shadowcrew, spanning a total of eight to ten hours. Within days, the arrests were blown out of proportion in the mainstream media, which made all sorts of wild accusations, such as Shadowcrew being an "Internet Mafia" and Mantovani the "Godfather." Almost every article failed to mention that the actual person running the site was really the informant who helped law enforcement officials penetrate the group. Aside from that, Shadowcrew was not the mafia: there was no centralized account, and threats by Administrators and Moderators never came to more than a banning, which would result in the admonished member creating a new account within minutes. In actuality, Shadowcrew was more or less like most other Internet forums; it just happened to be dedicated to fraud. Other claims made by the media included monetary losses totaling millions of dollars; however, no evidence for such losses was ever made public.

It has not been stated, but one can assume[citation needed] that these members were all users of CumbaJohnny's VPN Service, which led to their locations. Those who had not been caught either did not use the VPN, were not important enough to arrest, or had been ostracized from the community. As of August 2006, most of those indicted after the October 2004 raids have pled guilty and have since been sentenced. The most publicized and longest sentence was that of Mr. Mantovani, who was given 32 months in a Federal Prison Camp.

It is believed that the void left by these forums was picked up by various law enforcement agencies to try to carry on their crusade against fraud. Many sites appeared after Shadowcrew's demise, one of which was specifically focused on unraveling the mysteries of what actually happened. This site, thegrifters.net, was run by a formerly indicted member (El Mariachi), who converted his old fraud site into an investigative site.[1] Members of this group uncovered and compiled many pieces of information on the indicted members of Shadowcrew until thegrifters.net was taken down in early 2006.

Clarifications

4,000 members: The Federal indictment says: “Shadowcrew was an international organization of approximately 4,000 members…” There is no proof of there actually being 4,000 members. The last available page before October 27, 2004 on archive.org[2] shows 2,709 registered members. Even this number is not an accurate estimate of the true number of members as registration was free. To people familiar with the ShadowCrew forum, it is well known that many members had multiple user names. Members who were banned from the forum would frequently register with another user name as well. Lastly, the forum was around for over 2 years so there were likely many inactive accounts.

$4 million in losses: The government was unable to find any concrete proof that the defendants in Operation: Firewall were responsible for any specific losses. The $4,000,000 figure was arrived at by multiplying the number of credit cards transferred by $500 each (as per federal law when no monetary figure in a fraud case can be determined). This figure assumes that every single card was valid and had been used.[3]
