Digital Shadows released a new dark web research blog on CryptBB, an exclusive online community for elite hackers and cybercriminals.
According to Digital Shadows, CryptBB is an English-language dark web cybercriminal forum that describes itself as an advanced “Cyber Security and Hacking Forum powered by LongPig and Power” (the usernames of two of the forum’s administrators). The forum has been active on Tor since 2017 and was launched at a similar time to a multitude of other English-language private forums. The forum is well-known to highly competent hackers, carders and programmers across the English cybercriminal community.
Since the forum’s launch in 2017, the site has only accepted new members following a rigorous application and interview process, the research notes. The process involves the applicant proving their skill and knowledge on a chosen area of expertise, "leaving no room for those who fail to meet the required standards. However, in late 2019 the forum introduced a section for “newbies” who had failed the forum application process. This was intended as a designated safe space for users to enhance their skills, learning from one another as well as from more established members–remarkably similar to a magic workshop!" says the Digital Shadows Photon Research Team.
In early June 2020, Digital Shadows identified a “subdread” dedicated to CryptBB on the dark web community forum Dread.
"A subdread enables CryptBB to reach a wider audience across the dark web (Dread has a far-reaching and loyal user base) and allows the administration team to interact with Dread members or interested applicants who wish to apply," writes the Photon Research Team. "On this subdread, CryptBB proclaims itself to be an excellent forum for “newbie” hackers, programmers, and carders eager to start on their journey while also remaining a private platform for “advanced” members who can partake in quality discussions and share expertise."
In the past, CryptBB’s administration team has advertised a few dedicated services that the forum itself and its members can offer, to include RDP sales provided directly by the forum (as announced on the English-language cybercriminal forum Torum in January 2020) and “hackers for hire” services (where members of the CryptBB forum who specialize in hacking are recommended for specific requests based on the vetting procedures of the forum, as seen on Dread in early 2020). Since May 2020, the CryptBB administration team has offered penetration testing and bug-reporting services to marketplaces, with the assurance that the interested platform would have complete discretion and “there won’t be any drama.” Each of the above services is advertised on behalf of the forum itself, reports the Photon Research Team.
Digital Shadows has some theories on why CryptBB may have started a new section for "newbies":
- An established “private” forum may introduce a dedicated section for newbies to expose its secrets so that methods and strategies can be preserved and improved upon with time as both technology and knowledge advance.
- A means to give back to the cybercriminal community
- Exposes the forum to a larger audience
- Establishes a foothold within the cybercriminal scene
So, what's next for CryptBB? The Photon Research Team says, "CryptBB is now in a precarious position. If it continues on its trajectory, it may establish a membership full of competent and knowledgeable cybercriminals that could rival any platform and push the site into the realm of David Blaine and David Copperfield — the elites in their field. However, if CryptBB fails to engage on other platforms and encourage users to use the forum’s services, join the site, and partake in discussions, the forum could become another failure, like Madame DeLinsky’s 1820 bullet catch attempt. Then, alas, the forum may cease to exist entirely."