European law enforcement has dismantled an extensive Dark Web operation that was built to deceive users seeking illegal content and cybercrime services.
According to Europol, a 35-year-old man based in China is suspected of creating a network of 373,000 Dark Web websites. These sites advertised child sexual abuse material and hacking-related services, but investigators found that none of the promised content or access was ever delivered. The entire system was designed to collect payments under false pretenses.
Officials described the takedown as one of the largest actions ever taken against fraudulent platforms operating on the Dark Web.
Further details from Bavarian Police show that the network included 32 platforms claiming to offer child sexual abuse material, distributed across approximately 90,000 .onion domains. In addition, 90 other platforms promoted stolen credit card data and unauthorized access to compromised systems, spread across another 283,000 .onion addresses.
Authorities stressed that these platforms were entirely deceptive. The sites were structured to appear convincing, often displaying previews and organized listings to build trust. In reality, users who made payments received nothing. The operation relied on persuading visitors to transfer money without providing any service in return.
Investigators estimate the suspect generated around $400,000 in revenue by targeting roughly 10,000 customers over several years. Many of the sites offered supposed “packages” of illegal content, described in sizes ranging from gigabytes to terabytes, with payments requested in cryptocurrency.
The investigation began in mid-2021. Since then, authorities have seized 105 servers linked to the network. By tracing cryptocurrency transactions, they were also able to identify 440 individuals who had made payments through the platforms.
The suspect has not been publicly named, but investigators have released a photograph and confirmed that an international arrest warrant has been issued. Authorities found that the operation relied heavily on rented servers located in Germany and had been active since at least 2019.
All identified websites have now been replaced with official seizure notices.
According to Bavarian Police, the scale and structure of the network made it particularly difficult to detect. The suspect replicated 122 variations of platform designs and distributed them across more than 373,000 unique addresses. This created an infrastructure that was widely scattered and complex, making it hard to track using traditional investigative methods.
The case underlines a pattern often seen in underground online ecosystems, where even individuals seeking illicit services can become targets of fraud. The combination of cryptocurrency payments, large-scale site replication, and anonymous hosting allowed the operation to expand quickly while avoiding early detection.
At the same time, the investigation shows how law enforcement agencies are improving their ability to track digital financial flows and dismantle large, distributed networks.
Read the original article: