Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
SpywareGuide powered by FaceTime Security Labs
Search SpywareGuide Greynets Database & Site
Security Email Alerts & Updates
Search the Blog
Recent Posts
Monthly Blog Archives
Subscribe to this blog's feed
About the Blog
About SpywareGuide Greynets Blog
Link to Us
Link to SpywareGuide.com

« NextDoor Worm Spreads across MSN | Main | Tila Tequila, Hilary Duff Hacked By "Tesla" of Kryogeniks »

  • Stolen Card Details Posted To Internet Forums

Today we came across a considerable collection of stolen credit card details - somewhere in the region of 150 seperate pieces of data - posted to a fairly typical Warez forum. The odd thing about it was that the poster didn't really come across as a professional carder - more like someone who happened to stumble across a stockpile of sensitive information and was now trying to distribute it as quickly as he could.

A clue that this might be the case was that the formatting of the data was fairly irregular - normally carders post all their information in a very uniform fashion - here, you could see at least three distinct types of data, some containing nothing more than card details while others contained (amongst other things) name, address, PIN number, phone number and (more worryingly) a "receiver address", as if information had been lifted directly from a back-end payment system.


A final clue that the poster might not be a professional carder? Well, the big giveaway is that he happily posted all this information with a huge photgraph of himself for a signature picture and his location listed under his forum avatar.

Can't say I've seen that before.

The majority of victims appear to be based in the United States - there is discernable pattern to the victims, nor is it currently possible to tell what sites were compromised to obtain the data (if any). Of course, we tried to contact some of the victims to let them know to cancel their cards (as far as we could see, all cards are valid until at least next year) but so far, we've had no success.

Extensive searching on the information contained in the forum posts - and it seems to be well hidden underground, even though the poster says to "use them quickly because they're being used by other people too" - turned up no obvious reveals, save for one solitary Email address listed in the data. The Email address took us to a pro carding forum - apparently offline now - where someone was offering up a small sample of private data, with a purchase price of $30,000 to 50,000 dollars for "UK and US bank logins".

Could someone have bought this data then accidentally dumped it into a public directory somewhere? Unlikely, as everyone would now have a copy - but it seems that somewhere, somehow, a professional carder has made a big mistake....

  • TrackBack

TrackBack URL for this entry:

Listed below are links to weblogs that reference Stolen Card Details Posted To Internet Forums:

» Culinary college in south dakoa. from Culinary college.
Where to go to college for a culinary degree. Culinary arts college. [Read More]

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide JapanJapanese

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.