FBI seizes major cybercrime forums in coordinated domain takedown
The Federal Bureau of Investigation, along with several other international law enforcement departments, has seized control of several high-profile online platforms linked to cybercrime in a sweeping operation aimed at disrupting digital marketplaces for stolen credentials and hacking tools. The domains of forums Cracked[.]io and Nulled[.]to now redirect to FBI-controlled servers, signaling efforts to dismantle infrastructure that supports cybercriminal activity.
As of Wednesday, visitors to the forums — long criticized as hubs for password theft, software piracy, and credential-stuffing attacks — encountered DNS error messages indicating federal intervention. Eagle-eyed cybersecurity researchers discovered Wednesday that the specialized servers that translate IP addresses into domain names redirected visitors to FBI-owned assets, effectively shutting down access.
Also seized were domains and services belonging to SellIX, which enabled users to create storefronts for illicit goods, and StarkRDP, a Windows remote desktop hosting service, which was allegedly leveraged by threat actors to anonymize attacks.
According to the image on the Cracked and Nulled websites, law enforcement from Australia, France, Germany, Greece, Italy, Spain, and Romania were also involved. Europol also played a role, according to the image.
In a release, Europol said the operation to seize the sites ran from Jan. 28 to Jan. 30. In total, two suspects were arrested, seven properties were searched, 17 servers and 50 electronic devices were seized, along with €300,000 (approximately $313,000) in cash and cryptocurrency.
The FBI did not return CyberScoop’s request for comment.
Both Cracked and Nulled have operated as sprawling marketplaces for cybercriminals, offering “combo lists” (compilations of stolen usernames and passwords), cracked software licenses, and tools that can automate credential-stuffing attacks. These tools and services have fueled data breaches affecting millions of consumers and businesses globally. While some users engaged in ethical hacking discussions, security researchers widely regarded the forums as central to low-tier cybercrime ecosystems.
In a Telegram channel used for status updates, Cracked’s moderator said they were “still waiting for the official court documentation from the data centre and the domain host.”
“We will inform you guys further on those details once we have it,” the post reads. “A sad day indeed for our community.”
Over the past few years, law enforcement offices all over the world have launched operations aimed at dismantling internet forums where cybercriminals proliferate. Last year, an international operation seized BeachForums, a forum where cybercriminals bought and sold hacked and stolen data, compromised credentials, and more.
