Good ol' #CCpower
A few weeks ago, one of our honeypots was hacked and the attacker installed an IRC bouncer on the machine. Nothing too spectacular, but nevertheless interesting since we can then observe how the attackers communicate with each other and what channels they use. The interesting part is that the attackers joined one of the well-known carding channels, in which credit card infos, Paypal accounts, PINs, and other stolen information is traded. Here a small excerpt, the full dump is many megabytes in size:
- DonDax SELLING Selling USA/Europe VISA/MC DUMPS ,BANKS(halifax,HSBC etc ),Fulls(PIN,DOB,SSN),Paypals(email),EGOLD, and Cvv2's(worldwide). No ripping and NO TESTS.
- Hicks Cashout WESTERN UNION on UK LONDON / GREECE- ATHEENS !!!
- Hicks Selling dumps+pin new ones every week and FULLS ALSO !!!
- JuanesXloT Scot Epic partea ta 50% !! DE asemenea scot conturi caja madrid partea ta 50% ! Caut spammer bun sa fim parteneri am eu scamuri partea ta 50% ! Sau daca ai tu carduri care merg facute cu 1010000... si merg scoase
- M3ster Daca doresti sa-ti achizitionezi un RooT de :scan / flood / pagina / emech / psybnc sau poate un remote desktop, Shell , sau poate vrei un site, Ofer Hosting, cc / paypal / spam /drone /boti , Tot ce trebuie sa
- Maka` I need email list all country big file on email list like 500 mb 1-2 gb if you have prv me
- d3x SELLING EU DUMPS WITH PIN [TRACK1/TRACK2+PIN] || PAYPAL ACCOUNTS WITH GOOD BALANCE [VERIFIED/UNVERIFIED] || FULLZ AND CVV2 [US/EU] || DONT WASTE MY TIME OR I WILL IGNORE YOU || FOR DEAL ICQ : 436306694
- traxpro Selling USA/Worldwide VISA/MC dumps from hotels. Natural track. Various bins are available. Offering tutorials, software and other additional info for all my clients.
- traxpro Spamming for HSBC, Halifax, CIBC. e-trade bank logins. Selling UK, USA, Swedish, Australian cvvs.
- Selling CVV, Checked and Verified 5$ each, E-gold and WU(for bigger orders) Accepted
- Charleskj Am Nevoie De Un Php Mailer Uplodat Care Trimite Inbox , Cine Are Prv Me , Pot Oferi Multe / Need A Php Mailer Uploated That Sends Inbox , Who Have Please Prv Me , Can Offer Many Things !!!
Different people offer a diverse set of stolen credentials, which can then be abused - quite interesting to observe all the trading activity (although we can only see the advertisements and not the actual trades). Last year, Franklin et al. published a study entitled "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants". In this paper, the authors present an analysis of 13 million public IRC messages obtained from several networks and channels, collected over a 7 month period. The particular channel we observed is one of them - time for some analysis to validate their measurements...
- DonDax SELLING Selling USA/Europe VISA/MC DUMPS ,BANKS(halifax,HSBC etc ),Fulls(PIN,DOB,SSN),Paypals(email),EGOLD, and Cvv2's(worldwide). No ripping and NO TESTS.
- Hicks Cashout WESTERN UNION on UK LONDON / GREECE- ATHEENS !!!
- Hicks Selling dumps+pin new ones every week and FULLS ALSO !!!
- JuanesXloT Scot Epic partea ta 50% !! DE asemenea scot conturi caja madrid partea ta 50% ! Caut spammer bun sa fim parteneri am eu scamuri partea ta 50% ! Sau daca ai tu carduri care merg facute cu 1010000... si merg scoase
- M3ster Daca doresti sa-ti achizitionezi un RooT de :scan / flood / pagina / emech / psybnc sau poate un remote desktop, Shell , sau poate vrei un site, Ofer Hosting, cc / paypal / spam /drone /boti , Tot ce trebuie sa
- Maka` I need email list all country big file on email list like 500 mb 1-2 gb if you have prv me
- d3x SELLING EU DUMPS WITH PIN [TRACK1/TRACK2+PIN] || PAYPAL ACCOUNTS WITH GOOD BALANCE [VERIFIED/UNVERIFIED] || FULLZ AND CVV2 [US/EU] || DONT WASTE MY TIME OR I WILL IGNORE YOU || FOR DEAL ICQ : 436306694
- traxpro Selling USA/Worldwide VISA/MC dumps from hotels. Natural track. Various bins are available. Offering tutorials, software and other additional info for all my clients.
- traxpro Spamming for HSBC, Halifax, CIBC. e-trade bank logins. Selling UK, USA, Swedish, Australian cvvs.
- Selling CVV, Checked and Verified 5$ each, E-gold and WU(for bigger orders) Accepted
- Charleskj Am Nevoie De Un Php Mailer Uplodat Care Trimite Inbox , Cine Are Prv Me , Pot Oferi Multe / Need A Php Mailer Uploated That Sends Inbox , Who Have Please Prv Me , Can Offer Many Things !!!
Different people offer a diverse set of stolen credentials, which can then be abused - quite interesting to observe all the trading activity (although we can only see the advertisements and not the actual trades). Last year, Franklin et al. published a study entitled "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants". In this paper, the authors present an analysis of 13 million public IRC messages obtained from several networks and channels, collected over a 7 month period. The particular channel we observed is one of them - time for some analysis to validate their measurements...
".
Tracked: Jul 15, 10:51