Police Shut Down Relaunched Crimenetwork Dark‑Web Marketplace Hosting 22,000 Users and €3.6 M Revenue
What Happened – German and Spanish law‑enforcement agencies seized the relaunched “Crimenetwork” criminal marketplace, arrested its 35‑year‑old German operator in Mallorca, and confiscated the domain. The platform had ~22 k registered users and generated roughly €3.6 million in revenue.
Why It Matters for TPRM –
- Dark‑web marketplaces are a primary source of ransomware‑as‑a‑service, credential dumps, and illicit tools that can be leveraged against third‑party vendors.
- The takedown shows that threat actors can quickly rebuild and monetize illicit services, creating a persistent supply‑chain risk.
- Organizations must monitor exposure to services advertised on such platforms (e.g., compromised credentials, malware‑as‑a‑service).
Who Is Affected –
- All sectors that rely on third‑party software or data services, especially those targeted by ransomware or credential‑theft services sold on the marketplace.
Recommended Actions –
- Review any third‑party relationships for exposure to tools or data that may have been sourced from Crimenetwork.
- Validate that credential‑management and malware‑detection controls are robust against services advertised on dark‑web markets.
- Incorporate dark‑web monitoring into your vendor risk program to detect early signs of illicit activity involving your supply chain.
Technical Notes – The operation was a classic “dark‑web marketplace” model: a web‑based platform offering illicit goods (malware, exploit kits, stolen data) for purchase with cryptocurrency. No specific CVE or vulnerability was disclosed; the risk stems from the availability of malicious services. Source: Help Net Security