Developers Club geek daily blog

Underground market of crankcases. Transfer of the book "KingPIN". Chapter 26. "What’s in Your Wallet?"

1 year, 5 months ago
Kevin Poulsen, the editor of the WIRED log, and in blackhat childhood the hacker of Dark Dante, wrote the book about "one acquaintance".

In the book the way from the teenage geek (but at the same time rolling), to the experienced cyberkingpin, and also some methods of work of intelligence agencies on capture of hackers and crankcases is shown.

The quest on transfer of the book began in the summer in Itshny camp for seniors — "The Pin: school students translate the book about hackers", then were connected to transfer also Habrayuzera and even a few edition.

Chapter 26. What in your wallet?

(for transfer thanks of al_undefined)

Sale of 100% of the checked fresh dump (USA), discounts:

$11 of MasterCard
$8 of Visa Classic
$13 of Visa Gold/Premium
$19 of Visa Platinum
$24 of Visa Signature
$24 of Visa Business
$19 of Visa Corporate
$24 of Visa Purchasing
$19 of American Express = reduction of price (there was 24)
$24 of Discover = reduction of price (there were 29)
The minimum order — 10 pieces.

Sale on types of cards. Not on Bin'am (a lane comment — the identifier of issuing bank).


The aggressive capture turned by Max was made with the purpose to integrate community forces, but not for the purpose of personal enrichment. Nevertheless, its business selling stolen data from magnetic bands of plastic cards after consolidation of forums prospered more than ever — it received about one thousand dollars a day, selling dump to crankcases worldwide, in addition to five — to ten thousand that he received from partnership with Chris.

On public, during meetings FTC (Federal Trade Commission) or anywhere, the industry of credit cards very much tried to hide effects of the becoming frequent facts of theft of data from magnetic bands worldwide. Visa, the leader in the field of credit cards, supported the report of the Javelin Strategy and Research company financed by the industry (a lane comment — the agency which is engaged in an assessment of risks and opportunities in areas: mobile devices, payments, multichannel financial services, fraud and safety), who accused in the circumstances consumers (clients), but not the company — sources of draining of these credit cards and thefts of personal data: 63% of the occurred cases are caused by loss or theft of a purse with the subsequent theft of data by the entrusted partners, theft of e-mail and research of contents of garbage containers (Dumpster diving).

Read more »


It is a little about Protect Yandex

1 year, 5 months ago
"Even if you will click on some link and will enter login and the password that happens nothing of that kind" — advertizing of the browser of Yandex. How it works and whether so it? Having looked at this advertizing to me of course it became interesting how Yandex could "win" against such difficult solved problem as theft of passwords. I want to note that I only considered one of functions of Yandex Protect, namely "Protection against theft of passwords".

Read more »


We join tox-community or installation of a note in 5 minutes

1 year, 5 months ago
I welcome you, about the greedy reader, the pedant and the fighter for justice on the Internet! In our weapon replenishment, is called it tox. Now I will show you, % %username, its assembly dismantling.

debian_tox_dht

There is such remarkable system which is called TOX. There is their official site, and here a profile on github.

Already wrote a set of times about tox, but I will list the main buns: There is no DHT — dependence on the central server, there is enough at least one note, enciphering on the client — Vasya writes Masha, the Pasha will read nothing telegram.

Read more »


Google tests a "besparolny" input

1 year, 5 months ago
One of users received the invitation to test a new method of authentication and reported about it in one of groups on Reddit.
Paule's (Rohit Paul) rickets was invited to participate in testing of a new method. Now for it to log in to the account on Google it is rather simple to enter the login and to confirm an input on the phone.
Rickets kindly shared screenshots: process of a besparolny input looks so:

Read more »


Underground market of crankcases. Transfer of the book "KingPIN". Chapter 24. "Exposure"

1 year, 5 months ago
imageKevin Poulsen, the editor of the WIRED log, and in blackhat childhood the hacker of Dark Dante, wrote the book about "one acquaintance".

In the book the way from the teenage geek (but at the same time rolling), to the experienced cyberkingpin, and also some methods of work of intelligence agencies on capture of hackers and crankcases is shown.

The quest on transfer of the book began in the summer in Itshny camp for seniors — "The Pin: school students translate the book about hackers", then were connected to transfer also Habrayuzera and even a few edition.

Chapter 24. "Exposure"

(for transfer thanks of satandyh)

Accusation

"The Tea, these little girls — white garbage. Be not on friendly terms with them better," — Chris told — "Brains at them others."

They sat in "Naan and Carry", 24-hour Indian-Pakistani small restaurant in the theatrical district of San Francisco. It occurred three months later since that moment when Tea got acquainted with Chris and was with it on one of its trips to the region of the Bay where he met the mysterious friend hacker of "Sam", just before dawn. They were in only four quarters from the safe house of Chris, but Tea still was not provided to the hacker — neither now, nor before. Nobody met Sam personally.

She was fascinated by that as all this worked: the non-cash nature of crimes and a method to which Chris organized the command. He told it everything when decided that it is ready, but he never asked it to make purchases in shops as the others. It was special. He did not even like to dangle with it and with the command of cashing in at the same time, for concern that they somehow can do much harm it.

The Tea was also the only worker to whom do not pay. After she refused 40 dollars left by Chris on a bedside table, he decided that Tea will not take from it any money, despite long hours which she spent on CardersMarket and on the Russian bulletin boards for crimes. Chris cared for lease of the house Tea, bought by it clothes and paid its travel, but it nevertheless found such existence a little strange: life online, travel by means of confirmations, but not tickets for airplanes. It became the ghost, her body was in the Orange country, and the reason was most often projected to Ukraine and Russia, giving support to leaders of organized cybercrime as the emissary of Iceman — i.e. the world of crankcases of the West.

Read more »


Underground market of crankcases. Transfer of the book "KingPIN". Chapter 23. "Anglerphish"

1 year, 5 months ago
In the 23rd head it will be a question about hitrozho imperceptible (almost like in the movie "Catch Me if You Will Be Able") the criminal who drove FBI around a finger, at the same time managed to turn affairs while knocked to intelligence agencies, but eventually lost because of the woman, but managed to get out and run away. And still he in the best traditions of Chichikov used "dead souls" for cashing in of stolen credit cards.


Kevin Poulsen, the editor of the WIRED log, and in blackhat childhood the hacker of Dark Dante, wrote the book about "one acquaintance".

In the book the way from the teenage geek (but at the same time rolling), to the experienced cyberkingpin, and also some methods of work of intelligence agencies on capture of hackers and crankcases is shown.

The quest on transfer of the book began in the summer in Itshny camp for seniors — "The Pin: school students translate the book about hackers", then were connected to transfer also Habrayuzera and even a few edition.

Chapter 23. Anglerphish

(for transfer thanks of Find_The_Truth)

Anglerfish

Max was engaged in collection of information on Brett Johnson. It began with check of logs of access and personal messages of the administrator of CardersMarket. To check itself, Max Johnson's account on the website of "The international association of development of criminal activity" hacked ("The International Association for the Advancement of Criminal Activity", IAACA) and looked for traces of its activity. However, the smoking guns, other proofs were.

Really he could bring the informant into a narrow circle of its new website? The problem is that there is no specific method to define whether Johnson, or someone else works for the government. Max wanted to use a hole in safety of law as buffer overflow in BIND which he could use again and again concerning any whom he suspected.

If (is_snitch(Go llumfun)) ban(Go llumfun);

It trusted in David Thomas, without representing that Thomas already entered Aysman in the kilometer list of enemies.

Read more »


Google stops support of SHA-1 of certificates after Mozilla and Microsoft

1 year, 5 months ago


Not so long ago the Microsoft corporation declared fast completion of support of TLS and SSL of certificates where the hashing algorithm SHA-1 is used. Before it the similar statement was made also by the manual Mozilla. Now and the Google corporation decided to arrive in the same way, having stopped support of SHA-1 till January 1, 2017.

The problem consists that in the near future there will be no problems with selection of collisions for such hashing algorithm. ADP equipment becomes more powerful, cloud services develop and similar operation will not be too expensive to the malefactor any more. Now the Google corporation already began to mark the websites with such certificate as unsafe.

Read more »


Underground market of crankcases. Transfer of the book "KingPIN". Chapter 22. "Enemies"

1 year, 5 months ago
Kevin Poulsen, the editor of the WIRED log, and in blackhat childhood the hacker of Dark Dante, wrote the book about "one acquaintance".

In the book the way from the teenage geek (but at the same time rolling), to the experienced cyberkingpin, and also some methods of work of intelligence agencies on capture of hackers and crankcases is shown.

The quest on transfer of the book began in the summer in Itshny camp for seniors — "The Pin: school students translate the book about hackers", then were connected to transfer also Habrayuzera and even a few edition.

MagisterLudi: "I apologize, under the end of the year confusion with ready heads began again, we spread that is, not one after another."

Chapter 22. Enemies

(for transfer thanks of GrizliK)

Johnathan Dzhiannone learned that loss of private life is the price for work with Iceman'om.

It worked with the mysterious hacker within a year, generally purchasing servers which Iceman used for scanning of vulnerabilities, but all the same was under the permanent electronic king from Iceman'a. Once, the hacker sent to Dzhiannona the link to news allegedly on the website CNN about a computer problem to JetBlue, airline which fought back Dzhiannone's racketings very long time ago. Dzhiannone without thinking clicked the link and then Iceman got to its computer again. Attack like Client-side worked.

Dzhannone began to check regularly the computer for existence of malicious applications, but all the same could not monitor all invasions of Iceman'a. Max received Dzhannone's password from the bonus United Airlines system and began to monitor its movements on the world. Dzhannone was a fan of aviatravel who could go easily to flight, only to earn bonus miles. When it landed at the international airport San Francisco, in its mobile there was already a text message from Iceman'a. "Why you in San Francisco?"

It could seem amusing if not frightening differences of mood of Iceman'a. It could change in a second — in one day you will be for it the best friend, it will be confident in another that you are an informer, the traitor or is even worse. He wrote Dzhiannone long spontaneous letters, with complaints to Chris or other associates of crankcases.

Read more »


152-FZ. TsODy, databases and notifications on them

1 year, 5 months ago
According to the changes made to the Federal law by 152-FZ Federal law of 21.07.2014 N 242-FZ the notification sent to Roskomnadzor has to contain:

10.1) data on the location of the database of information containing personal data of citizens of the Russian Federation;

Until recently given requirement was not duplicated neither in Administrative regulations of Roskomnadzor, nor in forms of the corresponding Notifications (they are two — for giving in paper and in electronic form — and strangely enough they are different). But as the law - is - the law (the changes 152-FZ demanding to specify location of a DB with PDN became effective this summer), it is logical that Roskomnadzor demanded to specify from operators these data in the notification. And naturally it caused difficulties in operators as could answer a question as where it is necessary to specify nobody.

But everything changes and the Ministry of Communications issued the Order of August 28, 2015 N 315 (links in pdf, a text type).

Read more »


Birthday of the founder of the oldest hacker club Chaos Computer Club

1 year, 5 months ago


On December 20, 1951 Herwart Holland-Moritz famous as Wow Holland (Wau Holland), the co-founder of Chaos Computer Club (CCC) in 1981 was born, is one of the hacker clubs, oldest in the world.

imageCCC gained the world fame when his members published vulnerabilities in a security system of the German teletext operator Bildschirmtext (Btx). Hackers received 134 000 DM from bank, repeatedly getting access to its page to Btx. In several days hackers returned money.

Wow Holland was a brilliant speaker, the person with the big sense of humour standing on positions of openness and freedom of information exchange.

Read more »