Saturday, October 29, 2022

Thank You For Following Me!

Dear blog readers,

I wanted to take the time to say a big thank you to everyone who has been following my work throughout the years and continues to do so. Full video here. My RSS feed here.


Stay tuned!

Exposing An E-Shop for Selling Access to Compromised PCs - An Analysis

NOTE:

I took these screenshots in 2009.

Dear blog readers,

I've decided to share with everyone some screenshots of an E-Shop for selling access to compromised PCs.

Thanks largely to a variety of built-in botnet management and control features, today's botnet masters are fully capable of renting or offering access to malware-infected hosts. These hosts can be used for a variety of purposes, including hosting rogue and malicious content and further spreading malicious software, helped by the segmentation features currently available in a variety of high-profile malicious software and botnet releases.

Sample screenshots include:














Stay tuned!

Exposing a Compilation of Stolen Credit Cards Selling Domains - An Analysis

Dear blog readers,

I've decided to share with everyone a currently active portfolio of E-Shops selling access to stolen credit cards, along with the technical information needed to assist everyone in their cyber attack and cyber campaign attribution efforts.

Sample screenshot includes:


Sample domains known to have been involved in the campaign include:


Sample personally identifiable email address accounts known to have been involved in the campaign include:
greg2022@mail.ru
philmahre1989@gmail.com

Sample screenshots include:











Sample responding IPs known to have been involved in the campaign include:

Related domains known to have been involved in the campaign include:


Stay tuned!