Cracked and Nulled: How Law Enforcement Seized Two of the World’s Biggest Cybercrime Forums
Read Time 5 mins | 10 February 2025

In a landmark operation that cut across national boundaries, global law enforcement agencies have shut down Cracked and Nulled, two of the world’s largest and most notorious cybercrime forums. These websites operated as bustling online marketplaces where criminals traded everything from stolen credit card information to hacking services. Not only did this market of illegal goods facilitate scams and data breaches worldwide, it also highlighted one of the most daunting challenges in modern cybersecurity: cybercrime is truly borderless.
Criminals from different continents connected in these digital meeting places, attacking targets in every imaginable sector. Despite Australian organisations being geographically distant from many cybercriminal hotbeds, they were no exception. With data breaches, phishing attacks, and malware distribution skyrocketing, it was apparent that no region was safe from the illegal trade facilitated by Cracked and Nulled. This article explores the impact of these takedowns on the global cybercrime ecosystem, with a special focus on how Australian businesses can guard themselves against threats that know no borders.
A Coordinated Global Effort
The takedown of Cracked and Nulled involved multiple law enforcement bodies working together across continents. Europol and the FBI led the charge, supported by a coalition of police forces that had been gathering intelligence on these forums for months. By seizing the domains and dismantling the associated infrastructure, investigators effectively severed communication lines among the forums’ vast user base, which included hundreds of thousands of registered members.
International collaboration was crucial. Cybercrime rarely respects geography, and the actors behind these sites operated anonymously from different jurisdictions. Administrators and prominent members used various techniques to stay hidden—ranging from encrypted messaging to proxy servers—but this meticulous, synchronised effort forced them into the open. Several arrests were made, with more investigations ongoing. Authorities emphasise that shutting down these forums is only the first step. The real work now is tracing the criminals behind the sites and helping victims worldwide regain control of their stolen data.
Inside the Forums
Before being taken down, Cracked and Nulled functioned as cybercrime supermarkets. Hackers advertised phishing kits, ransomware services, and access to databases of compromised credentials. Buyers could pay in cryptocurrencies to mask their identities. The forums even offered rating systems, much like legitimate e-commerce platforms, where participants rated the reliability of sellers and the quality of illicit merchandise.
This activity did not merely harm large corporations; small businesses and even individual users frequently found themselves on the losing end. Stolen passwords, sensitive financial information, and personal details circulated freely. Once purchased, criminals used these data sets to commit identity theft, launch phishing attacks, or break into private networks. By the time victims discovered the breach, the damage was often done—leading to reputational harm, financial losses, and potential legal ramifications.
Why This Matters for Australia
Australia may be geographically isolated, but in the digital realm, distance means very little. Australian organisations, particularly small and medium-sized businesses, have become attractive targets due to their often-limited cyber defences. Cracked and Nulled presented cybercriminals with a buffet of tools and stolen credentials, many of which belonged to Australian citizens and corporations.
Local authorities, such as the Australian Federal Police (AFP) and the Australian Cyber Security Centre (ACSC), worked alongside global partners to identify breaches with an Australian link. Data stolen from Australian entities could easily show up for sale on these forums, giving criminals a direct route to exploit vulnerabilities in local infrastructure.
Moreover, Australia’s Notifiable Data Breaches (NDB) scheme places legal obligations on companies to promptly disclose certain types of data breaches to affected individuals and the Office of the Australian Information Commissioner (OAIC). A well-organised cybercriminal network can quickly capitalise on stolen data, making timely detection even more critical. As the fallout from Cracked and Nulled shows, a single leak can trigger an avalanche of unauthorised access, operational downtime, and financial damage.
The Borderless Nature of Cybercrime
From Europe to North America, from Asia to Australia, criminals leveraged Cracked and Nulled to launch attacks that spanned the globe in mere seconds. This ease of cross-border collaboration underscores the main takeaway from recent events: cybercrime is not confined by traditional geographical limitations. A hacker in Eastern Europe can breach a database in Sydney, sell the stolen data to a buyer in South America, and funnel the profits through cryptocurrency platforms headquartered anywhere in the world.
For Australian organisations, this reality means that focusing solely on domestic threats is no longer sufficient. Security measures must reflect the global reach of cybercriminals, encompassing continuous threat intelligence, around-the-clock network monitoring, and proactive defence strategies.
Strengthening Defences: How Oko Can Help
Despite the elimination of Cracked and Nulled, new platforms will inevitably spring up elsewhere. This cycle of closure and emergence is a defining characteristic of the cybercriminal underworld. However, businesses and individuals can take decisive steps to protect themselves:
- Holistic Monitoring: Oko’s AI driven dark web monitoring service provides real-time alerts whenever stolen Australian credentials or sensitive corporate data appear in illicit marketplaces. Prompt detection enables swift action, minimising damage and keeping you compliant with the NDB scheme.
- Global Threat Intelligence: By gathering intel from various sources worldwide, Oko identifies emerging cybercrime hubs before they reach the scale of Cracked or Nulled. This proactive approach arms you with the knowledge needed to patch vulnerabilities and adapt security protocols.
- Incident Response Readiness: Even with the best preventive measures, incidents can occur. Oko offers insights that help refine incident response plans, reducing the time and cost associated with containment and recovery.
- Regulatory Compliance: Meeting the requirements of Australia’s data privacy regulations becomes more manageable when your organisation can demonstrate robust, continuous monitoring and clear escalation procedures.
Conclusion
The coordinated takedown of Cracked and Nulled may mark a major victory in the fight against cybercrime, but it also demonstrates how quickly and easily malicious actors can collaborate across borders. Australian organisations must remain vigilant, recognising that cyber-threats can and will come from anywhere in the world. Building a layered defence, staying informed about dark web activities, and implementing comprehensive monitoring solutions like Oko are essential steps to protect your business, reputation, and bottom line.
Ready to defend against borderless cyber threats? Contact us today to learn more about Oko and discover how real-time AI driven dark web monitoring can safeguard your data in an increasingly global threat landscape.
About Oko
Oko is an all-in-one fully managed AI driven dark web monitoring solution dedicated to helping organisations of every size protect sensitive data, identify emerging threats, and respond effectively to potential breaches. By providing real-time alerts and actionable intelligence, Oko empowers you to fortify your cybersecurity posture and stay one step ahead of criminals, no matter where they operate.
Sources
https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/
Join Our Newsletter