
Underground carders market. Translation of the book "KingPIN". Chapter 30. Maksik

Hi, Habrachiteli!
Thank you for your patience (as you waded through the clumsy translation, the inconsistency between chapters and the inconsistency of proper names), for the likes and the hints. (And mega-respect to the translators, but that will be a separate post.) I have good news: there is a spark of hope that the book will be published on paper ("IMF") with a professional translation. Your response is needed (need / don't need / give me two / buy up all the copies / burn the books). There is a poll at the end of the chapter, or write to me in a private message.


Kevin Poulsen, an editor at WIRED magazine and in his youth the blackhat hacker Dark Dante, wrote a book about "one of his acquaintances."

The book traces the path from teenage geek (and, at the same time, bodybuilder) to seasoned cyber-kingpin, along with some of the methods the special services use to catch hackers and carders.

The quest to translate the book began in the summer at an IT camp for high-school students, "Shkvoren: schoolchildren translate a book about hackers"; then Habr users and even a bit of the editorial staff joined the translation.

Chapter 30. Maksik

(thanks for the translation go to Ignat Ershov)

Max could see what was going on. With an FBI agent at the helm, DarkMarket was going to put a lot of carders behind bars. But, like Cassandra in Greek mythology, he was cursed to know the future and to have no one believe him.

Between the USA Today article and his failed attempt to expose Master Splyntr, Max felt the heat closing in. In November he announced Iceman's departure and staged a handover of the site to Th3C0rrupted0ne.
He lay low until the situation calmed down, and after three weeks took the board back under another pseudonym. Iceman is dead; long live "Aphex."

Max was tired of the cramped quarters at Post Street Towers, so Chris sent Nancy, one of his cashers, to San Francisco to rent Max a one-bedroom apartment in Archstone's upscale Fox Plaza corporate apartment complex in the business district. She was set up as a sales representative for Capital Solutions, a company Aragon used to launder part of his profits. Tea, back from a trip to Mongolia, was given the job of sitting in the apartment and accepting delivery of a bed paid for with her legitimate American Express card. Chris settled up with her later.

By January 2007, Max was back in business in his new hideout, with WiFi antennas deployed around the apartment. Fox Plaza was a giant step up in luxury from Post Street Towers, but Max could afford it: a couple of good days of dump sales covered a month's rent. As Digits, Max was now recognized by some carders as the second most successful vendor of magnetic-stripe data in the world.

First place was firmly held by a Ukrainian known as Maksik. Maksik worked outside the carding forums, running his own web shop of stolen cards at Maksik.cc. Buyers first sent Maksik an advance payment by e-gold, WebMoney, postal money order or Western Union. That bought them access to his website, where they could pick the dumps they wanted by BIN, card type and where the card was issued. Maksik, for his part, pressed a button to confirm the transaction, and the buyer received an email with the dumps he had ordered, pulled straight from Maksik's huge database of stolen cards.

Maksik's product was phenomenal, with a high approval rate at the register and a huge selection of BINs. Like Max's, Maksik's cards were captured as they were swiped at point-of-sale terminals in retail outlets. But instead of picking off small shops and restaurants, Maksik got his cards from a much smaller number of giant targets: Polo Ralph Lauren in 2004, OfficeMax in 2005. In three months, DSW lost 1.4 million cards from 108 stores in 25 states, and they went straight into Maksik's database. In July 2005, a record 45.6 million dumps were stolen from the retail network owned by TJX: TJ Maxx, Marshalls and HomeGoods.

It was a time when such breaches could be kept a secret among hackers, companies and federal law enforcement, with the affected customers left in the dark. To encourage companies to report intrusions, some FBI agents followed an unwritten rule of leaving company names out of indictments and press releases, shielding corporations from the bad publicity their negligent security deserved. In the 1997 case of Carlos Salgado Jr., the first large-scale online credit card theft, the authorities persuaded the sentencing judge to seal the court record forever, for fear that the affected company faced "a loss of business due to the perception that computer systems may be vulnerable." So eighty thousand victims were never told that their names, addresses and credit card numbers had been put up for sale on IRC.

In 2003, the state of California effectively ended such cover-ups when the legislature passed SB1386, the first mandatory breach-notification law in the nation. It required hacked organizations doing business in the Golden State to promptly warn potential identity-theft victims about a discovered breach. In the following years, forty-five other states passed similar laws. Now no significant leak of customer data stays secret for long once the company or the banks discover it.

The headlines about the breaches at the giant retailers only added luster to Maksik's product; he made no effort to hide the fact that he was selling dumps from retailers. When the TJX attack hit the news in January 2007, the details made public also confirmed what many carders had already suspected: the Ukrainian had a hacker in the US feeding him dumps. Maksik was the middleman for a mysterious hacker in the States.

In mid-2006 the hacker had apparently been in Miami, where he parked outside two TJX-owned Marshalls stores and broke into their WiFi. From there he pivoted into the local network and worked his way to corporate headquarters, where he planted a packet sniffer to capture live credit card transactions from Marshalls, TJ Maxx and HomeGoods stores across the country. The sniffer, investigators later found, ran undetected for seven months.

Max had a rival in America, and a damn good one.

Thanks largely to Maksik's hacker and to Max Vision, the popular belief among consumers that web transactions were riskier than real-world purchases was now flat wrong. In 2007, most compromised cards were stolen from retail stores and restaurants. Intrusions at huge retailers compromised millions of cards at a time, but holes in small points of sale were far more common: a Visa analysis found that 83 percent of credit card breaches came from merchants processing a million or fewer Visa transactions a year, with the majority of thefts occurring at restaurants.

Max tried to keep the sources of his dumps secret, falsely claiming in forum posts that the data came from credit card processing centers, to throw investigators off the scent. But Visa knew that PoS terminals in restaurants were under attack. In November 2006 the company issued a bulletin for the food-service industry warning of hacker attacks coming in through VNC and other remote-access programs. Max nonetheless kept finding a steady stream of vulnerable eateries.
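The practitioner's check for the attacks described above (a sniffer sitting on a retailer's network harvesting live swipes, and VNC-exposed restaurant terminals leaking the same data) is to alert whenever cleartext magnetic-stripe track data crosses the wire, because that is exactly the artifact the thief is collecting. The following Python is an added example, not code from the book or from any tool mentioned in it: it scans packet payloads for the standard ISO 7813 Track 1 and Track 2 layouts, confirms each candidate PAN with the Luhn check to suppress false positives from random digit runs, and masks PANs before they reach a log. The sample payloads and the PANs in them are constructed test values, and the regexes assume only the standard sentinel layout, nothing about any particular POS product.

```python
import re

# Constructed "sniffed" payloads for demonstration. The PANs are well-known
# test numbers that pass the Luhn check, not real card data.
SAMPLE_PAYLOADS = [
    b"POST /auth HTTP/1.0\r\n\r\n;4111111111111111=25121010000000000000?",
    b"%B5500000000000004^DOE/JOHN^2512101000000?;5500000000000004=2512101000000?",
    b"GET /index.html HTTP/1.1\r\nHost: pos.example\r\n\r\n",
    # Looks like a Track 2 record but the PAN fails Luhn: must not alert.
    b";1234567890123456=2512101?",
]

# ISO 7813 Track 2: ';' PAN '=' YYMM service-code discretionary '?'
TRACK2_RE = re.compile(rb";(\d{13,19})=(\d{4})(\d{3})?(\d*)\?")
# ISO 7813 Track 1 (format B): '%B' PAN '^' NAME '^' YYMM service-code discretionary '?'
TRACK1_RE = re.compile(rb"%B(\d{13,19})\^([^^]{2,26})\^(\d{4})(\d{3})?([^?]*)\?")


def luhn_ok(pan: str) -> bool:
    """Return True if the digit string passes the Luhn mod-10 check."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep the first six (BIN) and last four digits; mask the rest for logging."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def find_track_data(payload: bytes) -> list:
    """Return a list of masked track-data hits found in one payload."""
    hits = []
    for m in TRACK1_RE.finditer(payload):
        pan = m.group(1).decode()
        if luhn_ok(pan):
            hits.append({"track": 1, "pan": mask_pan(pan), "exp": m.group(3).decode()})
    for m in TRACK2_RE.finditer(payload):
        pan = m.group(1).decode()
        if luhn_ok(pan):
            hits.append({"track": 2, "pan": mask_pan(pan), "exp": m.group(2).decode()})
    return hits


def scan_payloads(payloads) -> list:
    """Scan a sequence of payloads; return (payload_index, hit) pairs to alert on."""
    alerts = []
    for idx, payload in enumerate(payloads):
        for hit in find_track_data(payload):
            alerts.append((idx, hit))
    return alerts


if __name__ == "__main__":
    for idx, hit in scan_payloads(SAMPLE_PAYLOADS):
        print(f"ALERT payload #{idx}: track {hit['track']} PAN {hit['pan']} exp {hit['exp']}")
```

In a real deployment this runs over reassembled TCP streams (or as an IDS content rule) on the segments between store terminals and the authorization host; any hit there means card data is moving unencrypted, which is the condition the seven-month sniffer depended on. The Luhn filter matters because a bare digit regex fires constantly on timestamps and transaction IDs.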

But it was not enough for Max. He had not gone into the data-theft business to be second best. Maksik was costing him money. Even Chris now bought from both of them, Max and Maksik, depending on who was offering the best dumps at the best price.

On Max's instructions, Tea spent several months befriending the Ukrainian and urging him to start selling on Carders Market. Maksik politely declined and invited her to visit him in Ukraine sometime. Rebuffed, Max dropped the gloves and gave Tea a trojan to send to Maksik, hoping to take control of the Ukrainian's dump database. Maksik laughed off the hacking attempt.

Perhaps Max would have felt better had he known he was not the only one frustrated by Maksik's serious security.

Federal law enforcement had been tracking Maksik since he emerged as the most important criminal figure in the wake of "Operation Firewall." An undercover Secret Service agent bought dumps from him. Postal Inspector Greg Crabb worked with European law enforcement to catch carders who did business with Maksik, and passed what he learned to the Ukrainian National Police. In early 2006 the Ukrainians finally identified Maksik as one Maxim Yastremsky of Kharkov. But they lacked the evidence to arrest him.

The United States refocused on pinning down the source of Maksik's hacks. E-gold once again provided the starting point. The Secret Service analyzed Maksik's accounts in the e-gold database and found that between February and May 2006 Maksik had transferred $410,750 from his account to Segvec, a dump vendor on Mazafaka presumed to be in Eastern Europe. The outgoing transfers implied that Segvec was not one of Maksik's customers but a supplier collecting his cut.

The feds got a shot at better information in June 2006, when Maksik vacationed in Dubai. San Diego Secret Service agents worked with the local police on a "sneak-and-peek" of his hotel room, where they secretly copied his hard drive for analysis. It was a dead end. The important material on the disk was encrypted with a program called Pretty Good Privacy. That was enough to stop the Secret Service in its tracks.

Carders like Maksik and Max were at the forefront of exploiting an unexpected gift of the computer revolution: encryption software so strong that, in theory, even the NSA could not crack it.

In the 1990s, the Justice Department and Louis Freeh's FBI tried hard to make such encryption illegal in the United States, fearing it would be adopted by organized crime, pedophiles, terrorists and hackers. The effort was doomed. American mathematicians had spent decades developing and publishing highly reliable encryption algorithms that rivaled the government's own certified systems, and the genie was out of the bottle. In 1991, an American programmer and activist named Phil Zimmermann released Pretty Good Privacy as a free program available over the Internet.

That did not stop law enforcement and the intelligence agencies from trying. In 1993, the Clinton administration introduced the so-called Clipper chip, an encryption chip developed by the NSA for computers and phones, designed with a key-escrow feature that would let the authorities decrypt the traffic when they had a legal basis to. The chip was a complete failure in the market, and by 1996 the project was dead.

After that, lawmakers slowly began moving in the opposite direction, talking about revising the Cold War-era export restrictions that classified strong encryption as "munitions," largely barred from export. The restrictions forced technology companies to strip strong ciphers out of key Internet software, weakening online security, while foreign companies, unbound by the law, were well positioned to outpace America in the encryption market.

The feds responded with a harsh counterproposal that would have made it a crime punishable by five years in prison to sell in America any encryption software without a built-in "back door" for law enforcement and government agents. At a House subcommittee hearing in 1997, a Justice Department lawyer warned that hackers would become the main consumers of legal encryption, and cited the arrest of Carlos Salgado to make his point. Salgado had encrypted a CD-ROM containing eighty thousand stolen credit card numbers. The FBI was able to read it only because the hacker handed the key to an undercover buyer.

"This time we were lucky, because Salgado's buyer was working for the FBI," the official's statement said. "But if this case had been investigated differently, law enforcement would not have been able to gain access to the information on Salgado's CD-ROM. Crimes like this have serious consequences for the ability of law enforcement to protect commercial data, along with privacy."

But the feds lost the encryption war, and by 2005 unbreakable encryption was readily available to anyone who wanted it. The dire predictions mostly went unfulfilled: most criminals were not technically savvy enough to use encryption.

Max, however, was. If his whole operation collapsed and the feds broke down the door of his hideout, they would find that everything he had collected in the course of his crimes, from credit card numbers to hacking code, was encrypted with an Israeli-made program called DriveCrypt, a 1,344-bit "military-grade" cipher he had bought for about $60.

He expected the authorities would arrest him anyway and demand his passphrase. He would claim to have forgotten it. A federal judge somewhere would order him to hand over the key, and he would refuse. He would be held in contempt, maybe for a year, and then released. Without his files, the authorities would have no evidence of the real crimes he had committed. There was no way he could lose, Max was sure. He was untouchable.

To be continued

Published translations and publication plan (February 25)
PROLOGUE (GoTo camp students)
1. The Key (Grisha, Sasha, Katya, Alena, Sonya)
2. Deadly Weapons (Young programmers of the Federal Security Service of the Russian Federation, August 23)
3. The Hungry Programmers (Young programmers of the Federal Security Service of the Russian Federation)
4. The White Hat (Sasha K, ShiawasenaHoshi )
5. Cyberwar! ( ShiawasenaHoshi )
6. I Miss Crime (Valentin)
7. Max Vision (Valentine, August 14)
8. Welcome to America (Alexander Ivanov, Aug 16)
9. Opportunities (jellyprol)
10. Chris Aragon (Timur Usmanov)
11. Script's Twenty-Dollar Dumps (Georges)
12. Free Amex! ( Greenhouse social technology )
13. Villa Siena (Lorian_Grace)
14. The Raid (Georges)
15. UBuyWeRush (Ungswar)
16. Operation Firewall (Georges)
17. Pizza and Plastic (done)
18. The Briefing (Georges)
19. Carders Market (Ungswar)
20. The Starlight Room (Artem TranslationDesigner Nedrya)
21. Master Splyntr (Ungswar)
22. Enemies (Alexander Ivanov)
23. Anglerphish (Georges)
24. Exposure (+)
25. Hostile Takeover (fantom)
26. What's in Your Wallet? (done)
27. Web War One (Lorian_Grace?)
28. Carder Court (drak0sha)
29. One Plat and Six Classics (+)
30. Maksik (Ignat Ershov)
31. The Trial (+)
32. The Mall (Shuflin +)
33. Exit Strategy (done)
34. DarkMarket (Valera aka Dima)
35. Sentencing (comodohacker +)
36. Aftermath (ex-er-sis?)
EPILOGUE

Source: https://habr.com/ru/post/277939/

