The domains linked to various online platforms that are linked to crime, such as Cracked, Nulled, Sellix, and StarkRDP, have been destroyed by an international law protection operation.
The work, which took place between January 28 and 30, 2025, targeted the following regions-
- www.cracked.io
- www.nulled.to
- www.mysellix.io
- www.sellix.io
- www.starkrdp.io
Visitors to these sites are now greeted by a seizure symbol that says they were confiscated as part of Operation Talent that included officials from Australia, France, Greece, Italy, Romania, Spain, and the United States, along with Europol.
” This site, as well as the data on the users and subjects of the site, has been seized by foreign law enforcement partners”, the information reads.
Since 2015 and 2018, both Nulled and Cracked have been used to sell different steal resources, including ScrubCrypt, a previous known malware subterfuge website that has been used to deliver stealer malware.
The Damaged maintainers the news on their Telegram channel, saying they are” also waiting for the formal court documents.”
” A terrible time indeed for our community”, they added.
According to Europol, Cracked and Nulled had more than 10 million people in full, acting as underwater sites for illegal goods and crimeware options, such as stolen information, malware or phishing tools. The websites are estimated to have made €1 million ($ 1.04 million ) in profits.
Parallel to the knockdowns, two suspects – a man and a woman, per the – have been apprehended, seven qualities were searched, and 17 machines and over 50 electronic devices were seized. Around €300, 000 in dollars and cryptocurrency were likewise appropriated.
]embedded information]
According to Europol,” Another related services were also shut down, including a financial processor called Sellix, which Cracked used, and a hosting company called StarkRDP, which was promoted on both platforms and operated by the same suspects,” according to the report.
In recent years, law enforcement has focused primarily on destroying crime hubs in an effort to stop liars who are attempting to profit from their illicit warez and assist yet less technically-skilled individuals in carrying out attacks at large scale.
Additionally, the organization added that these two forums provided AI-based tools and scripts to immediately improve attacks and check for security flaws. ” Advanced phishing techniques are frequently developed and shared on these websites, occasionally using AI to deliver more personalized and encouraging information.”
Eight people identified as directly involved in the operation of the criminal justice system, including two German citizens aged 29 and 32 who reside in the Segeberg and Valencia district, according to a coordinated announcement from the Federal Criminal Police Office ( also known as Bundeskriminalamt or BKA ). The various accused range in age from 21 to 29.
According to the Department of Justice ( DoJ), tools and data sold on Cracked have impacted as many as 17 million American victims. A device that gave access to “billions of leaked websites” and made it possible for its customers to look for phishing registration credentials was one of the items sold.
” Cracked had over four million users, listed over 28 million posts advertising cybercrime tools and stolen information, generated approximately$ 4 million in revenue”, the DoJ , adding” Nulled had over five million users, listed over 43 million posts advertising cybercrime tools and stolen information, and generated approximately$ 1 million in yearly revenue”.
The Justice Department has also sealed charges against one of Nulled’s administrators, a 29-year-old Brazilian national live in Spain named Lucas Sohn, for his role as a facilitator of cybercrime by permitting Nulled’s customers to complete unlawful transactions.
Sohn has been accused of conspiring to sell or give away information that could be used to access computers without permission, as well as conspiring to defraud another person into offering an access device or selling information about an access device.
Additionally, he has been accused of conspiring to possess, transfer, or use a means of identification of another person in connection with any unlawful activity that is against federal law.
If convicted, the defendant faces a maximum penalty of five years in prison for conspiracy to traffic in passwords, 10 years in prison for access device fraud, and 15 years in prison for identity fraud.
( The U.S. Department of Justice took additional actions after publication. )
Found this article interesting? Follow us on and Twitter to access more exclusive content.