Identity theft is big news on the Internet. The general business world, the world of finance, and social networks are regularly attacked by crooks or self-styled hacktivists who use, sell, or just disseminate credentials and private data. But the cybercrime world itself is also periodically targeted by malicious agents. In this type of attack, “carding” forums (which sell stolen credit card information) seem to be the most vulnerable:
- In August 2006, the DarkMarket forum was hacked by a competitor’s administrator
- In December 2007, the entire carder.su database was offered for sale at $500
- In May 2010, the whole German carders.cc forum could be locally rebuilt using source files available on Rapidshare, making it possible to browse inside the forum just like an administrator
- In January, SwissFaking.net private messages were posted by a group named “_ninjas_.” Next month, it was cardmarket.su’s turn.
- In April, the German carder forum HBA-Crew v2 was twice hacked: by the “Happy Ninjas” and by someone selling a database backup for €250
The last incident I have discovered is dated from the end of June. On June 27, some MyMarket.su subscribers received the following message:
The sender is nicknamed TheDigitalMessiah. I’ve never heard of him, and he boasts that he is the carder.su hacker.
Today, Mymarket.su and its branches are still online and the business goes on. But the gunfights have started. On July 2, another message arrived in the mailboxes and since then, pastebin has received other disclosures from T_D_M.
The big cats are at each other’s throats. On the Anonymous circles, th3j35t3r, TeamPoison, and other ninjas have disclosed most of the LulzSec secrets. In the world of cybercrime some internecine struggles appear. I hope that these family squabbles will allow us to spend our holidays in peace.