#CCpower Only Scam?
Tuesday, July 15. 2008
Several days ago I blogged about a compromise of our honeypots in which the attacker joined the IRC channel #CCpower. Such a channel is commonly used by attackers to trade stolen credentials like credit cards, ATM pins, social security numbers, or similar things. Again, a small excerpt from within this channel:
- USA-DUMPS: I HAVE VIRGIN USA DUMPS FOR SHOPPING (WITHOUT PIN). LOOKING FOR REAL US CASHIER FOR LONG TERM RELATIONSHIP. MY YAHOO MESSENGER ID IS : DUMPS_SELLER ! RIPPERS DON'T WASTE MY TIME! CONTACT ME ONLY IF YOU'RE FOR REAL. THANK YOU!.
- cards: Selling USA dumps for shopping /msg cards- for details..
- User2: Carti Fullz,Paypal Fullz,user eBay, Root,Remote Desktop, Loginuri Wells si boa Sockuri ...etc..Care esti afara sau ai ceva point de facut bani prv me!!POt sa dau Spam pe oRice BAnca NUMAI DE STATE inclusiv eBay si Paypal daca ai pont!!!.
- vendors: Spamming for HSBC, Halifax, CIBC. e-trade bank logins. Selling UK, USA, Swedish, Australian cvvs..
- HenryMtcn: Cashouting Uk BanK Logins Halifax Abbey and Natwest Share Guarranted..
- zoRnking: I searching good deals.. with sure (100%) cashout - out rippers - because i work with money upfront on the first deal and the get back after cashout - /msg zoRnking if you accept my rules or add my YM: zornunhackXXX@yahoo.com.
- MSR206: Selling atm skimmer + MSR206 with 5 blank magnetic cards , video available for checking the items pvt me for info.
- Zenq: Vand Carti Fresh Full Info & Cvv2 (AU,CA,UK,US,IT,SP,EU),Dumpsuri With Pin and Track1,Track2 and Track3 Luate Cu Cipul sau cu Gura de Skimmeri.........Logine Full (Carte + user & password) (BOA,RBC,Desjardins,Paypal,Intesa,Poste.it,Wamu,Wachoavia,Chase,MoneyBookers),Usere Ebay(Seller & Buyer)..RIPPERS OUT (My Contact ICQ = 3972973XX)
Two comments on the previous blog entry pointed out that these channels are commonly used for scams. The first one:
And the second one:
Does anybody have more information on this topic, for example evidence that the trading activity in these channels is commonly scam and also some kind of proof? I am interested in this topic since the implication would be that the paper by Franklin et al. on the underground economy ("An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants") is not completely right - it would greatly overestimate the real size of the underground economy. Please leave a comment or send me an e-mail to thorsten.holz [at] gmail.com.
- USA-DUMPS: I HAVE VIRGIN USA DUMPS FOR SHOPPING (WITHOUT PIN). LOOKING FOR REAL US CASHIER FOR LONG TERM RELATIONSHIP. MY YAHOO MESSENGER ID IS : DUMPS_SELLER ! RIPPERS DON'T WASTE MY TIME! CONTACT ME ONLY IF YOU'RE FOR REAL. THANK YOU!.
- cards: Selling USA dumps for shopping /msg cards- for details..
- User2: Carti Fullz,Paypal Fullz,user eBay, Root,Remote Desktop, Loginuri Wells si boa Sockuri ...etc..Care esti afara sau ai ceva point de facut bani prv me!!POt sa dau Spam pe oRice BAnca NUMAI DE STATE inclusiv eBay si Paypal daca ai pont!!!.
- vendors: Spamming for HSBC, Halifax, CIBC. e-trade bank logins. Selling UK, USA, Swedish, Australian cvvs..
- HenryMtcn: Cashouting Uk BanK Logins Halifax Abbey and Natwest Share Guarranted..
- zoRnking: I searching good deals.. with sure (100%) cashout - out rippers - because i work with money upfront on the first deal and the get back after cashout - /msg zoRnking if you accept my rules or add my YM: zornunhackXXX@yahoo.com.
- MSR206: Selling atm skimmer + MSR206 with 5 blank magnetic cards , video available for checking the items pvt me for info.
- Zenq: Vand Carti Fresh Full Info & Cvv2 (AU,CA,UK,US,IT,SP,EU),Dumpsuri With Pin and Track1,Track2 and Track3 Luate Cu Cipul sau cu Gura de Skimmeri.........Logine Full (Carte + user & password) (BOA,RBC,Desjardins,Paypal,Intesa,Poste.it,Wamu,Wachoavia,Chase,MoneyBookers),Usere Ebay(Seller & Buyer)..RIPPERS OUT (My Contact ICQ = 3972973XX)
Two comments on the previous blog entry pointed out that these channels are commonly used for scams. The first one:
And for the article, I was hanging around on different ccpower networks since the beginning, 90% of these deals are ripoffs. Poor scum nigerians and romanians try to make 20$ deals by ripping eachother off. This is just a PUG what you find on undernet and different networks like unixirc, linuxirc. These people not even criminals just losers in life. I wouldn't bother wasting too much time for watching them. Won't do any good. You will never find any serious criminal group on the internet, since their trust builds in real life.
And the second one:
lol he said the truth!! most of them are rippers and scum bags..and yes, trust is built in real life not on internet!
Does anybody have more information on this topic, for example evidence that the trading activity in these channels is commonly scam and also some kind of proof? I am interested in this topic since the implication would be that the paper by Franklin et al. on the underground economy ("An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants") is not completely right - it would greatly overestimate the real size of the underground economy. Please leave a comment or send me an e-mail to thorsten.holz [at] gmail.com.
".
