
Underground carders market. Translation of the book "KingPIN". Chapter 17. Pizza and Plastic

Kevin Poulsen, an editor at WIRED magazine and, in his childhood, a blackhat, the hacker Dark Dante, wrote a book about "one of his acquaintances."

The book traces the path from a teenage geek (who was also a jock) to a seasoned cybercrime boss, and shows some of the methods the special services use to catch hackers and carders.

The quest to translate the book began in the summer at an IT camp for high school students ("Shkvoren: schoolchildren translate a book about hackers"); then Habr users, and even, to a small extent, the editorial staff, joined the translation.
The "quest to translate the book" got its second wind thanks to the company Edison. In the previous chapter, we talked about how trusting carders were exposed using a controlled VPN, and the Edison developers told us that they had built a VPN for an anonymous customer. And just a couple of days ago, someone from Habr approached them with a request to help build an anonymous chat. So development of anonymous VPN services is a live and relevant topic.

Chapter 17. "Pizza and Plastic"


(thanks to Ashot Ogoltsov for the translation)

On the top floor of a skyscraper on Post Street, on the laminate floor, sat Max's computer, quiet and cold. It was a small apartment, slightly larger than a prison cell. Chris had found this apartment for him, and it met all his needs: a small area and a huge number of neighboring Wi-Fi networks. The apartment was finished in light wood, with a large fridge and a folding bed that tucked away into the wall.

It was a neat, no-frills apartment of 27 square meters, where Max was hiding out after leaving his penthouse. He had made a good profit from the Citibank operations and had not been hacking for several months. All Chris had to do was prepare fake documents for a six-month lease and pay a deposit of $500.

Outside the window were shops and apartments that, without knowing it, were ready to provide Max's computer with a communication channel. Once his computers were turned on and the antenna had picked up some dupe's network, Max took a little time to return to his business.

As usual, he targeted fraudsters, and for this he developed several new methods of data theft. He kept up with the latest phishing attacks by monitoring alerts from the APWG (Anti-Phishing Working Group, www.antiphishing.org). The alerts included phishing site addresses and the associated emails. That was enough for Max to penetrate the phishing servers and re-steal the stolen data. After that, he deleted the information on the servers, which greatly frustrated the phishers.

Other attacks were less targeted. Max was still counted among the white-hat hackers and was on private mailing lists where 0-day vulnerabilities were often disclosed. Day and night, Max's computers scanned servers for vulnerabilities. Once, while scanning Windows servers for a buffer overflow, Max found what brought him into the world of carders.


The Windows server that he had scanned was located in the Pizza Schmizza restaurant in Vancouver, WA. He knew the place; it was not far from his mother's house. After examining the contents of the computer, he learned that it was used as a backend for the restaurant's POS terminals. The computer collected data on card transactions and then, once a day, sent it to the processing center in a single batch. Max found that the files containing the transaction information, including the complete data from the cards' magnetic stripes, were unencrypted.

Moreover, the system kept a backup of all transaction data files, starting from the day the system was installed: 3 years' worth. So Max copied the data for more than 50,000 transactions and deleted the original files. After all, the restaurant did not need this data, and storing it was contrary to Visa security standards. Max sorted the data, removing duplicate and expired card dumps.

For the first time, Max had a primary source of clean cards that were almost guaranteed to be profitable. Until now, Chris had complained that some of Max's dumps were stale; that would not happen again. When a customer ordered a large family pie at Pizza Schmizza, Max received a dump of the card before the leftovers had time to cool.

Max finished cleaning up the dumps he had collected and gave Chris a test batch, noting that the dumps were very fresh, two days old.

Now Chris and his team could not "digest" the 50 dumps a day that Max received from Pizza Schmizza. Max decided to take his first steps in selling on the carding scene, and Chris offered to handle the sale of the dumps for 50% of the profit.

But Max was worried about Chris's recklessness: he was buying gold everywhere, leaving the police only a step behind. At the same time, Chris knew too much about Max, and it was difficult for Max to refuse him. Max gave his consent, and Chris began to represent his interests in the underground.

Soon Chris was telling Max about selling dumps, while Max, using a backdoor on Chris's computer, knew that Chris was not selling the dumps but using them himself. As far as the plan went, it made no difference to Max, but he was tormented by the thought that he was being deceived. This pushed Max to start looking for a partner whom he could easily control.

Over time, John Giannone, a teenager from Long Island, became the replacement for Chris. Giannone was a smart kid from a middle-class family; he dabbled in coke and desperately wanted to become a tough-looking cyberpunk. Frankly speaking, the exploits Giannone pulled off were not at all impressive: he bragged to carders that he had pressed all the buttons in an elevator so that the next person to get in had to stop at every floor. He also boasted that at a bank he had written "I have a bomb, hand over the money or I'll blow everyone up" on a form and put it back in the pile of blank forms.

At 17, Giannone joined Shadowcrew and CarderPlanet under the handle MarkRich and became involved in small operations. His reputation was tarnished when he got caught making fake air tickets, and rumors spread that he was constantly stealing on the forum. In desperation, Giannone paid a more successful carder for the exclusive right to be under his guardianship. Under the name "Enhance" the teenager became more visible, but this did not affect his success.

In May 2003, he tried to repeat a blackmail scheme invented by Russian hackers. Giannone borrowed a botnet from a hacker and launched a DDoS against JetBlue, taking the website down for some twenty-five minutes. Then he sent an email to the airline demanding $500,000 for protection in cyberspace. However, the company decided not to pay and did not even acknowledge the cybergangster's actions; the next day the company said it would forward the email to the appropriate law enforcement department and noted that the site had gone down due to system upgrades.

Max found Giannone using his Free Amex program; the guy was doing his business from a computer in his mother's bedroom. Max and Chris looked at the data on Giannone and decided that he was suitable as a partner. In particular, Chris saw in him himself as a young man, dabbling in coke and posing as a gangster. Giannone often visited Orange County; he loved to soak up the sunshine. Chris also began to spend his leisure time in Orange County and made friends with Giannone. Chris gave his apprentice a nickname: "the Kid".

It so happened that Max knew everything about Giannone, while Giannone knew nothing about Max. From Max's point of view, this was the perfect environment for cooperation. Giannone sold several dumps provided by Max, and then introduced Max to other carders who were interested in buying over ICQ. Max worked under the name "Generous".

Working with strangers was a big step for Max, and he did everything necessary for his safety. He used his own private network of hacked computers for correspondence on the carders' forum, which guaranteed that, at most, he could be traced to a neighbor's hacked Wi-Fi network, and even that would not be easy. For more security, Max changed his writing style, fearing that someone could match the style of his posts on the carders' forum with his Bugtraq posts or other posts made under the name Max Vision. The FBI had already noticed numerous seemingly familiar phrases in an anonymous letter that Max sent to the Lawrence Berkeley laboratory during the BIND attack.

Max received the profits from transactions through an anonymous e-gold account linked to a payment card. The Kid registered a business account with Bank of America, listing a car repair company, A & W Auto Clinic, on the registration, and then sent Max a magnetic stripe dump and the PIN code. Max made a duplicate using an MSR206 (an encoder for writing magnetic bank cards). Now dump buyers could make a cash deposit to the A & W Auto Clinic account at any branch of Bank of America, and Max received the money through the cloned card.

Max didn't need money: he spent most of the money cashed out from the Citibank operation on handouts to homeless people and on buying a Sony AIBO robot dog for $1500.

At the same time, Max was far from broke: he got a well-paid job as a system administrator in the conventional business of Second Life, a three-dimensional virtual world with thousands of visitors.

There was only one reason Max took greater and greater risks: addiction to the lifestyle of a professional hacker. Max was crazy about the freedom, the cat-and-mouse games, the anonymity and the tremendous power. Cloaked in anonymity in his safe apartment, Max could indulge any desire and explore any hidden nook of the network without fear of the consequences. Max answered only to his own conscience.

And yet, somewhere deep in his heart, the criminal hacker remained a boy. A boy who cannot resist temptation and sneaks into school at midnight to leave his mark.

notes
Chapter 17: Pizza and Plastic

1 His scanning put him inside a Windows machine: Max, Jonathan Giannone, and
Brett Johnson each Pizza Schmizza in Vancouver,
Maxim’s dumps in this period. The store manager said the
restaurant has since changed knowledge of a breach.

2 Max couldn't help feeling cheated yet again: Interviews with Max.

3 Giannone was a smart middle-class kid with a coke habit: Giannone confirmed the
cocaine use. He discussed
prank in a chat with another
carder, a log of which was provided to the author. Giannone confirmed in an interview
that he was a banker and he didn’t
actually pull it off. He did not recall the elevator matter.

4 Giannone joined Shadowcrew and CarderPlanet under the handle MarkRich:
Giannone's transition through Giannone in an
interview. Posts by forums approved
handle after being suspected of being an associate while a juvenile.

5 launched a DDoS attack against JetBlue: Giannone also discussed this attack in
the abovementioned chat logs. He confirmed it in interviews with the author.

6 in his mother's bedroom:
Interviews with Max.

To be continued

Published translations and publication plan (November 20)
PROLOGUE (GoTo camp students)
1. The Key (Grisha, Sasha, Katya, Alena, Sonya)
2. Deadly Weapons (Young programmers of the Federal Security Service of the Russian Federation, August 23)
3. The Hungry Programmers (Young programmers of the Federal Security Service of the Russian Federation)
4. The White Hat (Sasha K, ShiawasenaHoshi)
5. Cyberwar! (ShiawasenaHoshi)
6. I Miss Crime (Valentin)
7. Max Vision (Valentine, August 14)
8. Welcome to America (Alexander Ivanov, Aug 16)
9. Opportunities (jellyprol)
10. Chris Aragon (Timur Usmanov)
11. Script's Twenty-Dollar Dumps (Georges)
12. Free Amex! (Greenhouse social technology)
13. Villa Siena (Lorian_Grace)
14. The Raid (Georges)
15. UBuyWeRush (Ungswar)
16. Operation Firewall (Georges)
17. Pizza and Plastic (done)
18. The Briefing (Georges)
19. Carders Market (Ungswar)
20. The Starlight Room (Ungswar)
21. Master Splyntr (Ungswar)
22. Enemies (Alexander Ivanov)
23. Anglerphish (Georges)
24. Exposure (?)
25. Hostile Takeover (fantom)
26. What's in Your Wallet? (done)
27. Web War One (Lorian_Grace?)
28. Carder Court (drak0sha)
29. One Plat and Six Classics (?)
30. Maksik (?)
31. The Trial (?)
32. The Mall (Shuflin +)
33. Exit Strategy (done)
34. DarkMarket (Valera aka Dima)
35. Sentencing (comodohacker +)
36. Aftermath (ex-er-sis?)
EPILOGUE

Source: https://habr.com/ru/post/270951/

