Hackers Compromised a Popular Carding Site Exposing 300,000 User Account Details
According to Have I Been Pwned, Carding Mafia, a forum for stealing and trading credit cards, has been hacked, exposing 300,000 user accounts.
However, Motherboard suggests that the credit card hacking
forum operators have not notified their users, estimated to number about 500,000.
Unlike the carding site, which offers stolen data to
cybercriminals, the Have I Been Pwned service allows users to determine whether their
login information was leaked in any data breach.
Carding site exposes cybercriminals’ emails and IP addresses
The data breach on Carding Mafia exposed email addresses,
hashed passwords, usernames, and IP addresses of 297,744 carding site users.
Troy Hunt, the founder of Have I Been Pwned, confirmed the
authenticity of the stolen data. Hunt said that the carding site's “forgot password”
feature recognized leaked email addresses but did not recognize
random email addresses.
The carding site warned that “you have not entered an email
address that we recognize” when random emails were entered, according to
Motherboard.
Similarly, a hacker surfaced on another popular hacking
forum advertising data stolen from the illegal carding site.
According to screenshots shared by Motherboard, the database
allegedly stolen from the carding site was 990 GB in size, containing 660,000
posts and 130,000 threads. The alleged hacker offered the database for free through
his private messaging inbox.
A few months ago, researchers found that most cybercrime
transactions were shifting to private messaging apps to avoid alerting
authorities and security researchers who usually warn the compromised
organizations.
It’s not uncommon for hackers to dispose of stolen data for
free to earn “street cred” or reputation on popular hacking forums. They can
capitalize on this reputation to request payment for data, and even demand
premium prices.
Reputation is such a powerful tool in the underground markets
that a few threat actors have come to dominate them by building a solid
reputation over the years. Thus, unknown hackers find it difficult to sell
stolen data independently and resort to using data brokers, parting with generous
commissions.
Hacker-on-hacker crime is rampant on underground hacking forums
Three top Russian hacking forums were recently hacked within
three weeks, according to security journalist Brian Krebs.
Similarly, Darknode was hacked in 2017 immediately after
launching, while OGUSERS was compromised twice in 2019 and 2020.
Hacker-on-hacker cybercrime is a popular method of stifling
competition from rival gangs offering similar services. It could also be an
easy way to obtain gigabytes of stolen data for free or improve the hacker’s
reputation.
However, it increases the risk to the victims when their
data falls into the hands of more criminals. Conversely, it could lead to the
arrest of cybercriminals by tracing their IP and email addresses.
Although IP information could allow law enforcement agencies
to determine the cybercriminals’ location information, most hackers use VPN
services to hide their real internet addresses. Additionally, hackers use
untraceable email addresses from providers such as Mailinator to register on
hacking sites. However, novice hackers are likely to err by logging in using
their real IP addresses or registering on the carding sites using real
email addresses.
Unfortunately, the cost and resources required to track,
arrest, and prosecute cyber criminals fall beyond governments’ abilities.
Commenting on the compromise of the illegal carding site,
Ilia Kolochenko, Founder and Chief Architect at ImmuniWeb, says: “Most of the compromised
accounts have fake data and IPs from anonymous VPNs or proxies that are not
likely to bring much actionable evidence to law enforcement agencies for
investigation. Moreover, even the Western law enforcement agencies are
currently underequipped to investigate and prosecute cybercrime on a large
scale, and will probably not initiate investigatory operations after the leak.”
However, he suggests that the stolen information, especially
the private messages, could be useful if carefully analyzed.
“Many beginners carelessly expose sensitive technical,
personal and other details there. Even a simple analysis of the unencrypted
messages can paint a broad picture of the underground marketplace and shed
light on the true identities of wrongdoers and their clients. Cybercriminals
will probably not exploit the stolen information in an aggressive manner except
for some rival gangs aiming to stifle competition.”