Introduction
Prodaft [1] [2] [3] [4] [5] [6], a Swiss cybersecurity firm [1] [2], has initiated a program called SYS, which focuses on acquiring verified and aged user accounts from major dark web forums. This initiative aims to enhance law enforcement’s visibility into these networks while providing a pathway for individuals involved in cybercrime to exit the illicit ecosystem.
Description
Prodaft [1] [2] [3] [4] [5] [6], a Swiss cybersecurity firm [1] [2], has launched an initiative called SYS [2] [4] [6], aimed at acquiring verified and aged user accounts from major dark web forums, including XSS [1] [3] [4], Exploit.in [1] [2] [3] [4] [6], RAMP4U [1] [2] [3] [4] [6], Verified [1] [2] [3] [4] [5] [6], and BreachForums [1] [3] [4] [6]. The program specifically targets accounts with moderator or admin privileges, which provide deeper access to these illicit platforms [1]. Only accounts created before December 2022 and with clean histories [5], unlinked to illegal activities [1], are eligible for purchase [1] [3]. Accounts associated with law enforcement’s Most Wanted lists or involved in legal disputes are excluded from acquisition [2]. This initiative offers a pathway for individuals involved in cybercrime to exit the illicit ecosystem while enhancing law enforcement’s visibility into these networks. Participants can sell their accounts anonymously through secure communication channels like TOX and email, ensuring a no-judgment, secure transaction process as long as the accounts have not been used for extreme illegal activities [4]. Upon verification [1] [2], sellers receive a custom quote [1], and payments are made in cryptocurrencies such as Bitcoin or Monero [1] [4], with the price varying based on several factors.
Prodaft emphasizes ethical transparency while maintaining the confidentiality of sellers [4], even from law enforcement [4], although the purchased accounts are reported to authorities [4]. The SYS initiative is part of a broader human intelligence strategy aimed at increasing insights into criminal forums without compromising user privacy [4]. Launched on April 11, 2025 [4], this proactive approach to cybersecurity seeks to dismantle cybercrime infrastructure by encouraging insiders to leave [4]. By accessing these forums directly [1], Prodaft can monitor evolving attack strategies [1], collect malware samples [1], and trace the origins of threats [1]. The firm utilizes the acquired accounts to infiltrate and monitor dark web activities [1], gathering threat intelligence to identify patterns [1], track tactics [1], and uncover preparations for cyberattacks [1]. This contributes to a more comprehensive threat intelligence database and enables quicker detection of emerging cyber threats [4].
Prodaft has a history of successful cyberintelligence operations [1], including aggressive infiltration methods that have effectively combated ransomware and cybercrime [5], such as infiltrating the FIN7 hacking group, which exploited Microsoft Exchange and SQL injection vulnerabilities [1], leading to alerts for over 8,000 organizations and potentially preventing ransomware attacks [1]. The buying program is expected to evolve [1], potentially targeting new forums and accounts [1], and has even been promoted on hacking forums using an old account [1], raising ethical questions about undercover digital operations [1]. This initiative may set a new standard for proactive cyber defense [1], addressing intelligence gaps that law enforcement and governments often face in accessing these forums [1]. Additionally, the program could create a sense of paranoia among cybercriminals [1], as trusted accounts may become unpredictable [1]. The anonymity of sellers ensures their safety while potentially deterring further engagement in cybercrime [1]. The effectiveness of the operation will depend on the number of accounts acquired and their utilization [1], highlighting the rapidly evolving battlefield of cybersecurity where intelligence is crucial [1]. Prodaft also invites individuals to anonymously report cybercrime or unethical behavior through designated channels [6].
Conclusion
The SYS initiative by Prodaft represents a significant step forward in proactive cybersecurity measures. By acquiring and utilizing dark web accounts, Prodaft not only aids law enforcement in gaining insights into criminal activities but also provides a safe exit for those wishing to leave the cybercrime world. This approach could potentially set new standards in cyber defense, addressing existing intelligence gaps and creating uncertainty among cybercriminals. As the program evolves, it may further enhance the capabilities of cybersecurity operations, contributing to a safer digital environment.
References
[1] https://undercodenews.com/prodafts-bold-new-strategy-buying-hacker-forum-accounts-to-fight-cybercrime-from-within/
[2] https://www.hfrance.fr/de/cybersicherheitsfirma-kauft-hacker-forum-konten-um-cyberkriminelle-zu-uberwachen.html
[3] https://buaq.net/go-322930.html
[4] https://undercodenews.com/prodaft-launches-world-first-buyout-program-for-dark-web-forum-accounts/
[5] https://www.hendryadrian.com/cybersecurity-firm-buying-hacker-forum-accounts-to-spy-on-cybercriminals/
[6] https://www.infosecurity-magazine.com/news/prodaft-buy-dark-web-cybercrime/
