2/16/2012 4:29 PM ET

Stolen credit cards for $3.50 online

(Continued ...)

Going price

The hacker used bank account information scraped from more than 25,000 victims' computers, in some cases renting other cyberthieves' networks of infected computers. He created counterfeit checks with banking data and mailed them to money mules throughout the United States. They cashed them, then forwarded the funds untraceably to Russia. He even used stolen credit card numbers vacuumed from the victims' hard drives to buy prepaid postal-service labels for the packages.

"From start to finish, this guy leveraged every bit of data," said Alex Cox, an investigator for Netwitness, a cybersecurity division of EMC, which has also been tracking Soldier's activities.

The most remarkable thing about the theft -- and this is, to experts in the field, the most worrisome development of the past few months -- was that Soldier didn't need any special expertise with computers. All he needed was a shopping list.

"He's not a lone hacker," said Trend Micro's David Perry. "He didn't write any code."

Shopping list

Strom said the FBI is also tracking Soldier and is confident they'll get him. "These guys are very sophisticated, but oftentimes they slip up," Strom said.

Strom and other investigators have one significant advantage: The hackers have a habit of turning their skills on one another. The FBI's DarkMarket sting started with a hacker war between a hacker calling himself Iceman, who ran CardersMarket, and JiLsi, the DarkMarket administrator, whose real name was Renukanth Subramaniam, the FBI said.

"We took advantage of that animosity," Strom said. JiLsi was eventually persuaded to turn over the site to the FBI, giving the bureau control over all communications involving DarkMarket's 2,500 members. As a result, Subramaniam was sentenced to more than four years in prison in the U.K.

Maza, the elite Russian forum, was recently hacked and its database dumped online, presenting a priceless opportunity for law enforcement. The forum's database held membership lists, email addresses, IP addresses and passwords -- the kind of information the world's top cyberthieves try very hard to keep secret. The main suspect in the Maza attack is the administrator of a rival site, Hex Nightmare said.

What do I do if my credit card is stolen?

Lessons learned

"We learned a lot of lessons with DarkMarket, and we've passed that experience on not only to other offices within the FBI but to our counterparts overseas," Strom said. "We're definitely taking the fight back to them."

Hex Nightmare agrees the FBI may eventually make more progress. When Slavik, the author of the ZeuS malware, disappeared in 2010, he was at the height of his fame. Theories about his disappearance abound on the underground: He was killed; he now works as a cyberspy for the Russian government. Hex Nightmare has her own theory: "I think Slavik thought it was a good time to get out."

More from Bloomberg:

Single page

< Prev
1
2
3
4
5

VIDEO ON MSN MONEY

8Comments

Best

Feb 17, 2012 7:46AM

If someone steals my identity, I believe I should have the legal right to "eliminate" that person, much as I would have a tumor removed, limb amputated, etc.

Previous replies

BIG RON8158

Feb 16, 2012 11:45PM

The credit card companies should have customers enter a pin# to make a transaction just like debit cards.This alone would keep a thief from being able to use a credit card by just swiping it.Also if all the credit card companies did this it would make it next to impossible to use a card they've stolen.People need to keep a close eye on their cards as well and immediately cancel the card if it is missing or stolen.Just common sense folks!

Previous replies

GT-0327

Feb 16, 2012 9:55PM

THESE people are the real cyber-criminals. Anonymous is a much different story than those depicted here.

Previous replies

chirpy

Feb 17, 2012 3:47AM

If these guys are getting the security codes i am sure they would get the pin numbers also.

Previous replies

Ken 59 (Ken1952)

Feb 26, 2012 9:11AM

In UK, Ferance, Germany and so on ALL use Pin# to use the card where ever they go yes even in the USA.

We in the USA are the ones behind in credit cards sad but true!

Previous replies

Steven Isom

Mar 21, 2012 2:00AM

DO NOT GIVE A DEBIT CARD OR CREDIT CARD TO A RESTURANT THAT TAKES YOUR CARD OUT OF SIGHT. THEY CAN HIDE A SKIMMER IN THE PALM OF THEIR HAND AND COPY THE NUMBERS AND SELL THE INFORMATION. HAPPENS MORE THAN YOU WOULD LIKE TO KNOW.

Previous replies

Someone

Nov 21, 2012 9:24AM

hi` stolen CCs and paypal logins being sold only. not generated crap.
prices below. NO MINIMAL ORDER ONLY FIRST time to test cc quality, other
times not selling 1cc etc.
thanks for interest and good luck`,.!
G09000000@gmail.com
---------------------------------------------------------

valid rate 75-95% , depends on your luck

PRICES DEPENDS ONLY ON PURCHASED AMOUNT OF CARDS
ДЕШЕВЫЕ КАРТЫ, НЕТ МИНИМАЛЬНАЯ СУММА ПОКУПКИ В ПЕРВЫЙ РАЗ :)

USA CC sellout for LOWEST PRICES:::
1cc=3$
20cc=55$
70cc=100$
400cc=400$
USA fullzs=5 to 10$ a piece
USA SSN/DOB lookup=2 to 4$ per each

UK cc=3 to 8$ a piece
UK fullzs=10 to 20$ a piece
UK DOB lookup=2 to 4$ per each

Accepted payments - Libertyreserve.com [no minimal payment amount],
Western Union [80$ min], WMnote [200$ min]

PRICES ARE HIGHER IF YOU BUY SMALL AMOUNT OF CARDS///
CARDS SENT HERE ARE USED BUT REAL, JUST AS SAMPLES
КАРТЫ здесь ИСПОЛЬЗУЮТСЯ Но настоящие, так же как ОБРАЗЦЫ

привет, нет д+п, просто т2 т1 [дампы]. некто не продают д+п, ето булшит.
спасибо до интересов`
NO DUMPS WITH PIN. no one sells their dumps with pin. just dumps.

USA cc tracks [dumps/swipes]
15usd=classic,
25usd=gold/prem/plat,
35usd=signature/business.

if not otherwise specified service code 101 and credit bin being sent
by default.

paypal verified without balance but with CC and Bank attacheD [eligible to spend funds]=5USD a piece.

paypal with balance = approx 5 to 15% from sum in balance. tell approximate amount you are looking for in balance and i tell exact price.

.
.
.
.
.
Love and Knowledge`.

samples ::: real but USED OLD info, just as samples

4640182060273947^ANTHONY/THOMAS^1312101100001100000000935000000;4640182060273947=131210110000935
4640182061474460^MAYNARD/CHRISTOPHER^1402101100001100000000605000000;4640182061474460=140210110000605
4640182061875732^LOUISELL/DAN^1403101100001100000000032000000;4640182061875732=140310110000032
4640188008209208^FOUG/CAROLYN^1310101142691100000000939000000;4640188008209208=131010114269939

4122990025357614 Janeen Luening 04/11 228 11385 Schuman Rd DUMAS TX 79029 US US Citibank (South Dakota), N.A. CREDIT BUSINESS
4465420161544564 Debbi Donota 02/12 782 4504 S Cliff Ave SIOUX FALLS SD 57103 US US Wells Fargo Bank, N.A. CREDIT PLATINUM
4559511500545655 Darrin Doyle 10/11 263 1089 Salem pike Cynthiana 41031 KY US 1-859-234-1291 Washington Mutual Bank CREDIT GOLD/PREM
4147110365768020 Richard Cascarano 10/13 606 205 Fox Run Libertyville 60048 IL US 1-847-987-0647 Citibank (South Dakota), N.A. CREDIT SIGNATURE

tags =
stolen credit card numbers for sell buy cc numbers magnetic EMV smart IC chip mag stripe card Reader and writer ATM skimming skimmer CVV dumps tracks swipes Wincor BOA paypal logins cuy stolen CC numbers for sell credit card platinum business signature gold classic visa amex mastercard vbv vbm debit ACTA SOPA CNET MSR605 MSR 605 MSR 90 MSR 606 Diebold 562 ATM parts NCR 5884 5885 5684 5875 anti Fraud device anti skimmer with lock sign msr 206 micheal barack obama elections 2012 end of the world december anonymous hack hacking letter USA attack Iran crazy Russia attack vodka infraud ministry of fraudulent affairs BBW SSBBW love i love you dope DOD D.O.D dark drum and b****ket limewax perevorot vladimir putin north korea
sopa [ stop online piracy act ] alive fresh cc numbers buy
pipa [ PROTECT IP Act ; Personal Information Protection Act ]
acta [ Anti-Counterfeiting Trade Agreement ]

Previous replies

Chucho_Olas

Mar 21, 2012 1:13AM

I dont understand what the significance is of mentioning cumputer virii (or is the way they spelled it correct, viruses?). Maybe a computer virus is good for their business because it's the "hackers" who know how to repair a system that is infected? I just don't see why it's worth mentioning in an article about credit cards. And why is it possible for a website like this to exist? For it to be prosperous, it should be easy for customers to find a website that acts like an amazon.com for stolen information, which would make it easy for authorities to find it, too.

Previous replies

DATA PROVIDERS

Quotes are real-time for NASDAQ, NYSE and AMEX. See delay times for other exchanges.

Fundamental company data and historical chart data provided by Thomson Reuters (click for restrictions). Real-time quotes provided by BATS Exchange. Real-time index quotes and delayed quotes supplied by Interactive Data Real-Time Services. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by SIX Financial Information.

Japanese stock price data provided by Nomura Research Institute Ltd.; quotes delayed 20 minutes. Canadian fund data provided by CANNEX Financial Exchanges Ltd.

Feedback

TOOLS

Are you carrying too much debt?
See if your obligations are too high for your income.
Estimate your credit score
When will your credit cards be paid off?

SMART SPENDING

Tornado damage? How to file a claim

Your No. 1 priority needs to be keeping safe. But after that, you can save yourself some grief by making careful records -- and keeping all your receipts.

Bing Search

Credit Card Smarts

Stolen credit cards for $3.50 online

Going price

Shopping list

Lessons learned

RELATED ARTICLES

VIDEO ON MSN MONEY

DATA PROVIDERS

RECENT ARTICLES ON CREDIT CARDS

TOOLS

SMART SPENDING

LIZ WESTON

DONNA FREEDMAN

MUST-SEE ON MSN