Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Credits: The Register
The denizens of online forums dedicated to trading in stolen credit cards have been shown to be wretched hives of scum and villainy.
This not-so-surprising news comes this week via academics at Washington State University (WSU) in the US, who eavesdropped on the activities of two marketplaces and read over 10,714 posts to those discussion boards.
What they found was miscreants, from newly-registered accounts all the way up to the admins, are constantly trying to get one over on one another.
We’re told only a small fraction of the crooks lurking on the boards were commercial traders buying and selling stolen cards for cybercrime use. Far more frequent were accounts that were looking for handouts – things like free credit-card lists, malware tools, and tutorials.
“These free content sections are not really that new,” The Reg was told by Dr Alex Kigerl, an assistant research professor of Criminal Justice and Criminology at WSU and lead author of the report.
“It’s a way of attracting a larger user base, it is a nice ‘gateway drug’ to convince cautious users to consider buying premium products eventually, and it is also a way for free-content contributors to gain street cred that they can convert into actual business transactions.”
They aren’t the only ones looking to get something for nothing.
And here we have the rare ‘admin as ripper’ scam
In one particularly amusing instance, the WSU team found that it was the administrators of a carding forum who were perpetrating a scam on their fellow users.
Here’s how it worked. The admin was offering collections of stolen credit card information for sale. As it turns out, and as the buyer would only find out after completing the purchase, the credit card details were false.
These scams, known as “rippers,” are well-known among carding forums. Those that perpetrate them usually get booted quickly. Unless, of course, they have a way to keep the operation quiet.
Aware that the angry buyers could blow the scam by tipping the rest of the forum off, the administrator would ban their victims accounts from the public forums if they called out the scam publicly.
“Usually, it’s in the admin’s best interest to crackdown on rippers, because it scares off customers who can’t trust the site and is bad for business,” said Kigerl.
“This admin, however, regularly received payments for credential goods from users then proceeded to ban the user from the site without delivering anything. To my knowledge, I’ve never heard of this happening before, so it is new.”
Then again, fraudsters aren’t generally well-known for their excellent foresight.
The full paper, “Behind the Scenes of the Underworld: Hierarchical Clustering of Two Leaked Carding Forum Databases” was published in the journal Social Science Computer Review. ®
www.extremehacking.org
Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10, CHFI, ECSAv10, CAST, ENSA, CCNA, CCNA SECURITY, MCITP, RHCE, CHECKPOINT, ASA FIREWALL, VMWARE, CLOUD, ANDROID, IPHONE, NETWORKING, HARDWARE, TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, CSA Certified SOC Analyst, CTIA EC-Council Certified Threat Intelligence Analyst, Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India