The notorious underground hacker forum called Hell, which allows users to trade in everything from hacking techniques to massive data dumps of stolen information, has reportedly been taken over by a new set of administrators. The fresh leadership is said to be the same team behind a separate exploit marketplace called The Real Deal, who said control over the controversial dark web-hosted website was due to the initial administrators stepping down over “personal reasons”.
One of the new admins, who also goes under the pseudonym The Real Deal, told Motherboard: “We will be removing the invite-only system for at least a week, and leave the ‘vetting’ forum for new users. It’s always nice to have a professional community that meets our market’s original niche. Hopefully it will bring some more talent both to the market and to the forums.”
Like many underground forums, the most famous of which was the now-retired Silk Road, both Hell and The Real Deal have encountered significant setbacks due to law enforcement clampdowns over the past year. Most notably, and possibly a concern for the long-term members of the Hell forum, The Real Deal mysteriously disappeared from the dark web last year – which in hacker circles is an indication of a swift arrest. Indeed, after users quickly noticed the lack of activity, it later emerged the admins had been caught up in a series of raids in relation to a separate underground website called Darkode.
For its part, Hell also went through significant downtime after Canadian law enforcement detained its then-administrator, who was using the handle Ping, in July last year. A few months later, the forum returned under the title Hell Reloaded. Many suspicious users have since raised the possibility the new iteration is a ‘honeypot’ operation – set up by cyber cops to catch hackers in the act.
After its emergence in early 2015, Hell quickly gained notoriety for hosting a number of large-scale data dumps. These included millions of stolen Adult Friend Finder credentials and, most recently, the compromised dataset from hacked dating website Mate1
What is Hell and how does it work?
Only accessible with the use of the Tor Browser, the forum uses a so-called vetting process that means only the dedicated and the skilled gain entry to the more controversial aspects of the website. Ultimately, this is designed to keep out law enforcement infiltrations and so-called ‘script kiddies’ by giving the power to established members with a ‘vouching’ method.
In a post on Hell, one user, under the name Prometheus, outlined the vetting steps to potential hacking candidates. The admin said: “You are now required to post what kinds of skills you have and what you want to do on this forum in your introduction. Do not post any info that could help LE [law enforcement] identify you, you don’t have to be too detailed. Another way to join is if you are here mainly for business, and in that case, please state what kind of business you are into. The admins will then decide if you are allowed to join. Other users will be allowed to give their opinion on your entry but ultimately the decision will be made by the admins.”
And the wannabe hackers obliged. One budding member wrote: “Hello, I’ve come to Hell to learn/share and sell what I’ve obtained and still obtaining. Things like IDs / passports / banking information / blank cheques, some of interesting things I come across and obviously logins for everything under the sun which I’d gladly share. I use tools at hand to obtain information either through websites SQL injections, social engineering to get into emails. Basic skill set really looking to learn and get better.”
Another added: “Hello my handle is Byrdmayne, I am a graphic designer, programmer and coder, I’ve always been keen to the darker ways of the web, I’m not by any means an expert, some things I have done was design a flawless replica of Xbox websites and phished over 3000 live accounts, charging up more than 11,000 dollars in games, add-ons, movies and more.
“I have dabbled in skimming and also have designed malicious software to be spread at large companies, disguised as database management software, all coded in .net or C+. I designed an online bootleg movie theatre along with a downloadable program allowing users to watch movies from the online theatre. I’m here simply because I’m always looking to learn more things and I’ve heard great things. Thank you.”
However, in ruthless fashion many don’t make the cut and are quickly added to a rejected section of the website, with the unfortunate subheading of “People who couldn’t make it into Hell”.