Tackling the hackers face-to-face

Started by bamalli, March 31, 2008, 08:31:02 PM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

bamalli

Tackling the hackers face-to-face

Dollars in money clip, Eyewire
Increasingly hackers use their skills to steal money
I'm lurking on IRC - Internet Relay Chat - the place where lots of net users go to talk via typed text on any and every conceivable topic.

But instead of talking about games, last night's big match or MP3s, I'm on channels with names like cc-visa, ccfull, ccpower and trade-cc.

I'm in bandit country.

The "cc" stands for "credit cards" and these are the virtual markets where thousands of stolen numbers are bought and sold all day, every day.

Card games

In most busy IRC discussion rooms, or channels, the threads of conversations are hard to follow because the typed text flies by so fast. It's like going to a party and being told you can only chat to other people by texting them on your mobile phone.

But in the channels I've joined there is no idle banter, flaming or anyone passing the time of day. It's all business, all the time.

The channels are full of adverts touting stolen goods (credit card numbers), ways to launder the cash extracted from cards and accounts or offering the other services the dedicated cyber criminal needs.

   
There are 10.000 + users here, they trade the illegal stuff, NO ONE touches them
Beelze

Hi-tech crime: A glossary
The adverts use jargon that is opaque to anyone who has not been hanging out here for some time.

The jargon reveals how the hi-tech crime world is divided. Typically those involved in net crime do one thing well. Some plunder web shop databases and steal credit card numbers. Some hack business networks so they can be used by spammers. Some are phishers who send out e-mail trying to fool people into handing over their banking details. Others have the bank accounts to help people move cash without being caught.

The hackers lack the skills to do anything with the data they steal and the old-time criminals lack the technical skills to get the data. This is where they meet.

I came across Ess4 hawking login data for the web shops he has hacked, the credit card numbers he has plundered from those sites and a how-to-guide that shows others how to do it.

He said: "i got many shops + tons of daily orders. i hack a shop in 3-4 hours and sell it for 100-500$."

He thanked "stupid admins" for making basic mistakes that let him break in.

Roze, one experienced hand and a spammer, said he exploited "human stupidity" rather than poor security.

He said: "That costs them money :)) i know is not fair .. but it`s the way we make money."

Spam in e-mail inbox, BBC
Hackers who gather data via spam or phish need somewhere to sell it
And, he said, when he was not relying on stupidity, he had a cadre of smart hackers working for him to break into networks. Curiously, most of these people were from Romania - a country that comes up again and again on these channels.

He said: "romanian guys are very smart. All the time they come with something new ;) they are the best hackers on earth i think."

Arrest record

These channels on IRC, and in many other places much harder to find, are where the deals are struck. It is where the spammer meets the botmaster or the credit card thief meets the money launderer.

And no one here has any fear of being caught. As one person calling himself Beelze put it: "it is not illegal to be in on an irc server. As well the law does not seem to care about it."

"There are 10.000 + users here, they trade the illegal stuff, NO ONE touches them," he said. "These are bank robberies, prolly in the top 100 biggest ever."

Stano, who I met in one very busy channel, said: "It is very difficult for them to find us, and even if they do, they have no evidence. So ... they go away :)"

He got started as a criminal staging fake ebay auctions and now he's a spammer.

"now I have made some investments ... and I can live the rest of my life with the money I make without spamming and so on ..but now it is in my Blood," he said.

   
STAYING SAFE ONLINE
Use anti-spyware and anti-virus programs
On at least a weekly basis update anti-virus and spyware products
Install a firewall and make sure it is switched on
Make sure updates to your operating system are installed
Take time to educate yourself and family about the risks
Monitor your computer and stay alert to threats
IRC encourages people to use nicknames and in the card trade channels these change on a regular, often daily, basis. To further hide themselves users join the channel via a machine a long way from their physical location. Look up their net address and you find information about a PC sitting on the domestic network of one of the bigger ISPs - more than likely a bot.

Little communication is done in the channel itself - most happens via private messages sent directly between people.

The big problem that these criminals face is not the police but each other and they are in constant fear of being ripped off by their brethren. There is little honour among these thieves.

For instance, every now and again someone will supply links to software useful to criminals. Programs can be found that crack ebay accounts, that help plan a spam run or supply background information about credit cards if you only have the number.

The vast majority of these programs are booby-trapped with viruses that try to steal the information passing through them.

This lack of trust is widespread. Beelze, who rents networks to scammers, lamented the fact that he had no way to check the reputation of those buying services.

Many pay via cracked Paypal accounts and when the real owner of the account kicks up a fuss the money is taken back. Leaving people like Beelze out of pocket.

Beelze said: "The scammer will still have its service or at least, had, up to the time it got refunded." He said he was losing thousands of euros a month this way. Those with the cracked accounts do not care because they can just use another one. Some have many thousands of cracked accounts.

"Paypal is practicly the most used by criminals," he said.


By Mark Ward
Technology Correspondent, BBC News website