Do Son 
The cyber intelligence firm PRODAFT has announced the launch of its SYS initiative, aimed at acquiring user accounts from darknet forums. According to the company, this program is designed to enhance the scope of its HUMINT (human intelligence) operations and gain access to restricted cybercriminal platforms.
The initiative outlines a secure protocol for account transfer, offering communication through encrypted channels such as ToX chat or email. PRODAFT specifies that it is primarily interested in accounts registered before December 2022. However, accounts flagged by law enforcement or listed in investigative databases will not be considered.
The offer is directed at individuals who previously created accounts on prominent forums including XSS, Exploit.in, RAMP4U, Verified, and BreachForums. PRODAFT affirms its commitment to preserving the anonymity of sellers and does not request additional details regarding their prior activity.
The account handover process, as described by the company, involves a screening stage to verify non-involvement in criminal operations. PRODAFT notes that information derived from acquired accounts is documented in reports shared with law enforcement agencies, although seller identities remain confidential.
In addition to purchasing accounts, the initiative allows for the anonymous submission of intelligence on cybercriminal activity. The company explicitly states it is not concerned with the motivations that led users to join underground forums—be it curiosity, attempts to access illicit content, or procurement of suspicious goods.
Testimonials published on the project’s website—allegedly from members of cybercriminal syndicates—reinforce the company’s reputation within the threat actor community. Notably, an individual identifying as an operator of the BlackBasta ransomware group describes PRODAFT as an organization with extensive data access and a persistent surveillance presence in cyberspace.
