Table of Contents
FBI-led Operation Talent has reportedly seized domains of cracked.to, nulled.to and others, the sites involved in cybercriminal activities.
FBI has taken down Cracked.to, Nulled.to, and a few other hack sites cybercriminals use for dropping stolen credentials, software cracks, and remote desktop hacks in a coordinated law enforcement operation.
In Operation Talent, several domains suspected of facilitating hacking activities have been busted with a law-enforcement “seizure” notice now showing up on their landing.
“This website, as well as the information on the customers and victims of the websites, has been seized by international law enforcement partners,” reads the notice.
Among the seized domains are Sellix.io, an online platform for cross-border financial services, reportedly misused for illicit activities, and StarkRDP.io, an RDP service allegedly used for unauthorized access and system distribution.
According to the notice, the operation was conducted by the FBI with its international partners which included Europol (European Union), Federal Criminal Police Office (Germany), Australian Federal Police (AFP), and Hellenic Police (Greece), among others.
Hack sites confirmed takedown
On 29th January, several X users reported all the seized sites had their nameservers changed to FBI-controlled ns1.fbi.seized.gov/ns2.fbi.seized.gov, without a seizure banner yet. A few hours later, a law enforcement banner started appearing on these sites.
Cracked.io admins took to Telegram to confirm the seizure of their services. In a message on their official channel, they announced, “Now that everyone has more clarity on the situation, Cracked.io has been seized under Operation Talent with specific reasons being undisclosed.”
“We are still waiting for the official court documentation from the data center and the domain host and will inform you guys further on those details once we have it,” the announcement added.
Around the same time, Sellix.io operators confirmed a law enforcement investigation into their services is currently affecting their operations, adding that they are coordinating with the investigation and services should be back to normal.
“Our AWS account has been shut down due to an issue with a police investigation which has mistakenly impacted our services,” the operators said. “Funds are safe, operation will be back up soon, no date yet as we are waiting for more details. No data has been lost.”
Operation details not yet out
Although reports about law enforcement operations on these websites have been consistent on the internet, including Cracked.io and Sellix.io confirmation, the agencies have yet to acknowledge the seizures. Additionally, there have been no reports of any arrests made under Operation Talent so far, even as the operators of these sites publicly announce operational seizure.
FBI did not respond to email queries till the time of publishing of this report.
DNS reports for the sites indicate legal obstruction as nameservers have been updated to ns1.fbi.seized.gov and ns2.fbi.seized.gov, and status reflects restrictions including serverDeleteProhibited, serverTransferProhibited, clientTransferProhibited, and serverUpdateProhibited. The absence of an official statement on this operation mirrors the May 15, 2024 takedown of BreachForums, where the FBI seized the forum’s domains and placed a seizure notice on its homepage without issuing a public statement.
