FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to

Nulled.to and Cracked.to, major hacking forums, appear seized by the FBI as DNS records point to FBI servers. No official confirmation yet. Cybersecurity experts await updates.

Today, two of the most prominent hacking and cybercrime forums, Nulled.to and Cracked.to, appear to have been seized by the FBI, as indicated by recent changes in their DNS records. However, no official press release or announcement has been made by the agency, leaving both cybercrime and the cybersecurity community speculating about the situation.

****DNS Records Indicate FBI Takeover****

According to publicly available WHOIS and DNS records, both Nulled.to and Cracked.to have had their name servers changed to FBI-controlled domains earlier today, specifically:

****DNS Records for Nulled.to****

• Domain Created: March 5, 2022
• Last Edited: January 30, 2025
• Expires: March 5, 2026
• Primary Name Server: ns1.fbi.seized.gov
• Secondary Name Server: ns2.fbi.seized.gov

****DNS Records for Cracked.to****

• Domain Created: July 27, 2020
• Last Edited: January 30, 2025
• Expires: March 17, 2028
• Primary Name Server: ns1.fbi.seized.gov
• Secondary Name Server: ns2.fbi.seized.gov

These changes indicate a government seizure. However, as of now, no seizure banner is displayed on the websites, and no official press release has been issued by the FBI or any U.S. law enforcement agency.

Screenshot: Hackread.com

****What Were Nulled.to and Cracked.to?****

Both forums were widely known for facilitating various cybercrime activities, including account breaches, where leaked credentials for platforms like Netflix, Steam, and banking accounts were bought and sold. They also served as hubs for cracked software, offering pirated programs and game cheats.

Additionally, discussions on fraud and carding were prevalent, covering illegal financial activities such as credit card fraud and identity theft. Furthermore, users exchanged information and tools related to hacking and exploits, including malware, botnets, and ransomware, making these platforms a major threat to cybersecurity.

****Lack of Official Statement Echos Breach Forums Take Down****

While the DNS changes suggest law enforcement action, the lack of an official announcement brings to mind the failed seizure of BreachForums. On May 15, 2024, the FBI took control of its domain and placed a seizure notice on the homepage but never officially confirmed the action or issued a press release.

On May 17, 2024, the admin and owner of the forum, linked to the ShinyHunters hacker group, boasted about reclaiming the seized domain right under the FBI’s nose. To make things worse for the agency, by May 22, 2024, the forum was fully restored using its original domains. To this day, the FBI has not issued any statement or acknowledged its failure to retain control of the domain.

Nevertheless, historically, when the FBI seizes a website, it displays a seizure notice, as seen in the takedowns of RaidForums, BreachForums (V1), and WeLeakInfo. The absence of such a banner suggests that further action may be in progress.

Hackread.com has reached out to authorities for comment. We will provide updates as soon as we receive a response. Stay tuned.

1. Finnish Dark Web Marketplace PIILOPUOTI Seized
2. Nulled.IO Hacking Forum Hacked, Trove of Data Stolen
3. NetWire Malware Site and Server Seized, Admin Arrested
4. Genesis Market’s Clearnet domain seized; Dark Web site online
5. WT1SHOP Cybercrime Market Seized by US, Portuguese Authorities