Hacker groups used a fake website to spread fake hacking tools that they claimed could help them hack into computers.
Hackers allegedly used the websites to sell a tool that lets them take over a computer’s security system, or to install malware.
The tools are known as “malware.”
They’re sold on the Dark Web and in the Black Market, a section of the Internet that’s still unregulated.
A report by the Center for Strategic and International Studies said the tool was made available by a Russian hacking group that goes by the name “Eternal Flame.”
It’s not clear if the group is linked to Russian President Vladimir Putin.
The report also said that the group had distributed tools to the Russian military.
The group said its purpose was to hack into the computers of military officials.
The U.S. State Department has identified the malware as Eternal Flame.
“The Eternal Flame malware is designed to compromise a computer network through a phishing campaign, including by sending a spoof email, posing as an official email account and providing the intended recipient with a fake login and password,” the report said.
“Once the computer is compromised, it can be used to launch a variety of malicious code, including rootkits, ransomware, and spear phishing.”
The researchers say the malware was sold on Dark Web markets like Cryptomundo.
There, users are allowed to download the malicious software, which can be run on infected computers and steal their passwords and credit card numbers.
One of the fake hacking sites, the Black market, allows users to buy the tools, the report says.
“Users are offered the opportunity to download malware tools on a variety.
They can download the most sophisticated tools with the lowest prices, while also getting a free license to the Black Ops botnet,” it said.
The FBI is investigating the hacking.
“Our goal is to disrupt the cybercriminal and illicit cybercriminal networks that pose a significant threat to our nation’s security, including cybercriminals who attempt to compromise U.s. networks,” Acting FBI Director Christopher Wray said in a statement.
The State Department said it’s working with cybersecurity companies to identify and disrupt the malware.
“We have been closely watching the development of the malware, and will continue to monitor the Dark Net and other darknet markets for signs of the presence of malware, particularly malicious tools,” the statement said.
A Russian hacker who goes by “Ghost” told the Associated Press he was part of the team that attacked the site.
“There are several different groups, and they’ve been trying to steal our money,” he said.
Ghost told the AP that he did not think the site would be targeted.
He said he has been working with the FBI and U.K.-based cybersecurity company CrowdStrike on the malware’s development.
“They told me that we were in the dark about this, and that we would be able to get it working by a certain time,” he told AP.
He told AP that the hackers had already targeted a number of banks.
He also said he knew that the site had been compromised.
He says the site’s main message was that it was hacked, but he said he did NOT want people to think that he was the hacker.
Ghost said he got his own account hacked, and his own credit card details stolen.
He claims he then tried to contact the company that operates the site, but got no response.
The company Ghost says is a Russian company has not responded to a request for comment.