Torum Hackers Sweat Arrest After ‘w0zniak’ Busted By FBI

‘It’s good to see companies like Datto and Huntress hit them with a dose of their own medicine,’ says Zac Paulson, who runs TrueIT, an MSP based in West Fargo, N.D.

Hackers on the now-infamous dark web bulletin board Torum are looking over their shoulder after a channel vendor team-up saw one of that board’s users put in handcuffs, a recent post to the community shows.

The Feb. 11 Torum entry titled “Anybody see that our friend “W0zniak” Was Busted?” not only lamented his arrest -- including a link to the CRN story -- but served as a way to warn hackers that their posts are being watched.

“Think things through and stay safe everybody,” warned Torum poster “AriTheGreat.”

Torum is where Datto’s dark web scanner found an ad by the alleged hacker “w0zniak,” which offered access to his boss’s virtual private servers and about 20 customers in September. The asking price was $600 in bitcoin. Datto and Huntress Labs worked together to coax w0zniak into providing a screenshot of the network he was selling access to, then using the customer name’s on those servers, security researchers managed to track down the MSP, Chimera Technologies in Georgia.

Another Torum user cautioned hackers that Huntress Labs was “just socially engineered their way” to catching “w0zniak,” the alleged cyber criminal who the FBI identified as 26-year-old Marquavious D. Britt. Britt has been indicted on two separate counts of computer crimes. He was released on GPS monitoring coupled with house arrest, following his appearance in U.S. District Court in Atlanta on Jan. 22.

“They basically messaged him pretending to be a buyer, and eventually just socially engineered their way to catching him,” wrote Torum user “risingstar07.”

Elite Member “D1sgrunt13,” who has been commenting on Torum for two years wrote “no (expletive) way.”

“Torum keeps popping up in the news like this … (sic) is going to give the forum a bad name or something lol,” that post read.

Reading heightened concern expressed among a hacker community that has regularly tried to hijack MSPs and infect their customers with ransomware, was met with some glee among solution providers who said it’s about time the online criminals begin to sweat.

“It’s good to see companies like Datto and Huntress hit them with a dose of their own medicine,” said Zac Paulson, who runs TrueIT, an MSP based in West Fargo, N.D. “Looks like they are a bit nervous for sure.”

Richard Delaney, chief technology officer at Delaney Computer Services in New York City and New Jersey, said while this was all good to see, law enforcement is technologically very far behind hackers, who are often viewed to be carrying out “victim-less crimes.”

“The media is starting to pay more attention to cyber crime, shining a light into the corners of the dark web. Now the rats are starting to scurry out,” Delaney said. “This only changes when hackers are seen as the real criminals that they are and are prosecuted like real felons and do real time.”

Ben Niernberg, executive vice president at Buffalo Grove, Ill.-based MNJ Technologies, said it’s a good start, but he hopes that authorities will keep turning up the pressure on hackers.

“Certainly I’m glad to see they are starting to understand the risks involved with this behavior,” he said. “But this is just the very tip of the iceberg … it can’t just be a one-time thing. It has to be ongoing in terms of the ability of the government to go after those and prosecute those that continue to do this. While it’s a great first step. It’s the tip of the iceberg. They have to be diligent and stay committed to doing this on a regular basis.”