Yet Another Currently Active E-Shop for Stolen Credit Cards Information Spotted in the Wild - An Analysis

I've just stumbled upon yet another currently active E-Shop for stolen and compromised credit cards information and I've decided to share additional actionable intelligence on its online infrastructure including to discuss the possible fraudulent and malicious schemes that could originate based on the existence of such E-Shops for stolen and compromised credit cards information.

Sample domains known to have been involved in the campaign:

https://rescator.cn

https://rescator.sh

\

Sample Dark Web Onion known to have been involved in the campaign:

http://rescatorfof3pwgux4olwxxcd22yjtuj72kmdltyr6tsr6jfohpnhead.onion

Sample screenshots from the rogue and fraudulent E-Shop for stolen credit cards information:

The E-Shop for stolen credit cards information is courtesy of one of the infamous cybercrime-friendly forum communities known as - hxxps://lampeduza.cm.

Continue reading →

Profiling Yet Another Currently Active E-Shop for Stolen and Compromised Credit Cards Information - An Analysis

I've recently stumbled upon yet another currently active online E-Shop for stolen and compromised credit cards information and I've decided to provide some actionable intelligence on its online infrastructure including to discuss the possible revenue schemes that could originate from the existence of such E-Shops for stolen credit cards information. 

Sample domain known to have been involved in the campaign:

hxxps://ugmarket.cc

Sample screenshots of the rogue and fraudulent E-Shop for stolen credit cards information:

The possibilities for related fraudulent and malicious online activity that could originate from the existence of such E-Shops for stolen and compromised credit cards information are limitless in the context of having the bad guys steal actual financial amounts directly from the victims or using them in related purchases that also includes the use of money mules to cash out the amounts.

Continue reading →

Profiling a Newly Launched E-Shop for Stolen Credit Cards Data - An Analysis

I've just stumbled upon a newly launched and currently active E-Shop for stolen credit cards information and I've decided to take a deeper look potentially exposing it and offering actionable intelligence on its online infrastructure part of the "Exposing the Market for Stolen Credit Cards Data" blog post series.

Sample domains involved in the campaign include:

hxxp://majorcc.shop/

hxxp://majorcc.store/

hxxp://majorcc.ru

Sample Dark Web Onion known to have been involved in the campaign:

http://xktoxobz3jv6epntuj5ws7nc6zuihfroxziprd5np5xkbby4nzmmmiyd.onion

Sample screenshots of the rogue and fraudulent E-Shop for stolen credit cards information:

\

Based on the actual underground forum market proposition the newly launched vendor appears to have been persistently and systematically supplying newly obtained and stolen credit cards information which in reality means that a lot of people including financial institutions are really affected by this boutique stolen credit cards information E-Shop operation.

Continue reading →

Profiling a Currently Active Brian Krebs Themed Online E-Shop for Stolen Credit Cards - An OSINT Analysis

I've recently came across to a pretty interesting Brian Krebs themed E-Shop for stolen credit cards information and I've decided to share with everyone actionable intelligence with the idea to assist everyone with their cyber attack attribution campaigns.

Sample related malicious domains known to have been involved in the campaign: 

hxxp://briankrebs.at

hxxp://briankrebs.cm

Stay tuned!

Continue reading →

My First Research Paper for WhoisXML API is now Live!

Dear blog readers,

This is Dancho and I wanted to let everyone know that my first research paper for WhoisXML API is now live here. Long story short it's an investigation of a bulletproof hosting provider that's currently hosting an E-Shop for stolen credit cards information.

Stay tuned!

Continue reading →