- Stolen Card Details Posted To Internet Forums
Today we came across a considerable collection of stolen credit card details - somewhere in the region of 150 seperate pieces of data - posted to a fairly typical Warez forum. The odd thing about it was that the poster didn't really come across as a professional carder - more like someone who happened to stumble across a stockpile of sensitive information and was now trying to distribute it as quickly as he could.
A clue that this might be the case was that the formatting of the data was fairly irregular - normally carders post all their information in a very uniform fashion - here, you could see at least three distinct types of data, some containing nothing more than card details while others contained (amongst other things) name, address, PIN number, phone number and (more worryingly) a "receiver address", as if information had been lifted directly from a back-end payment system.
A final clue that the poster might not be a professional carder? Well, the big giveaway is that he happily posted all this information with a huge photgraph of himself for a signature picture and his location listed under his forum avatar.
Can't say I've seen that before.
The majority of victims appear to be based in the United States - there is discernable pattern to the victims, nor is it currently possible to tell what sites were compromised to obtain the data (if any). Of course, we tried to contact some of the victims to let them know to cancel their cards (as far as we could see, all cards are valid until at least next year) but so far, we've had no success.
Extensive searching on the information contained in the forum posts - and it seems to be well hidden underground, even though the poster says to "use them quickly because they're being used by other people too" - turned up no obvious reveals, save for one solitary Email address listed in the data. The Email address took us to a pro carding forum - apparently offline now - where someone was offering up a small sample of private data, with a purchase price of $30,000 to 50,000 dollars for "UK and US bank logins".
Could someone have bought this data then accidentally dumped it into a public directory somewhere? Unlikely, as everyone would now have a copy - but it seems that somewhere, somehow, a professional carder has made a big mistake....