Hackers Compromised a Popular Carding Site Exposing 300,000 User Account Details
Thursday, April 8, 2021
Unfortunately, the cost and resources required to track, arrest, and prosecute cyber criminals fall beyond governments’ abilities.
Commenting on the compromise of the illegal carding site, Ilia Kolochenko, Founder and Chief Architect at ImmuniWeb, says: “Most of the compromised accounts have fake data and IPs from anonymous VPNs or proxies that are not likely to bring much actionable evidence to law enforcement agencies for investigation. Moreover, even the Western law enforcement agencies are currently underequipped to investigate and prosecute cybercrime on a large scale, and will probably not initiate investigatory operations after the leak.”
However, he suggests that the stolen information, especially the private messages, could be useful if carefully analyzed. “Many beginners carelessly expose sensitive technical, personal and other details there. Even a simple analysis of the unencrypted messages can paint a broad picture of the underground marketplace and shed light on the true identities of wrongdoers and their clients. Cybercriminals will probably not exploit the stolen information in an aggressive manner except for some rival gangs aiming to stiff competition.”
Kolochenko suggests that the breach originated from a zero-day vulnerability on the software used to build the carding site.
“It would be interesting to learn about the origins of the hack, but mostly it will have stemmed from a 0day in forum web software, compromised admin’s machine, or maybe even a password reuse attack. We will probably not get a forensic report and may just observe how the situation develops.” Read Full Article
teiss: Booking.com fined €475,000 over delay in reporting a breach