Saturday, 29 May 2010

The case: German Underground Cyber Market

Hi there,
Today I want to talk about the downfalls and rises in the German underground market.
When I started looking at the topic of information security and IT generally,
there was a big forum called "hacksector.cc". The admin (m0rphin), who started out as a small seller of stolen credit cards, was also a drug addict with very serious health problems.
If you wonder what he looks like:
http://www.youtube.com/watch?v=fCEHgu_Pv9Y
http://www.youtube.com/watch?v=Fk9nFj_E_hA
Right now he's in jail. Why?
Well, not only because of the fraud and internet crime, but also because of drug-related crimes.
In fact he announced in the non-public areas of his forum that he thought he would die, and even made jokes about it.

How did he get busted?
Access to his forum was sold for only 700€ by the tech admin. The person who had bought access then started selling backups for a high price, so he even made money with this; he was motivated by revenge. And since logging wasn't shut off, m0rphin (and several other crew members) got busted.
There was a lot of confusion about why, since German law books say that illegally obtained information shall not be used ("fruit of the poisonous tree", as it reads in American law books).
Since they were not law experts but experts in doing bullshit, they didn't understand that in fact it depended on how serious the crime was whether the info was used or not.
So this means: small fish get away, big ones get busted.

Alright this was case Number 1.

After that happened, a lot of people left the German underground scene.
It was a strong strike against the German underground, especially since people had never before experienced trouble like this.
But there was a new force on its way to becoming the number 1 forum for internet crime.
Its name: "1337-crew".
When I first stumbled across this forum I honestly thought this was a parody forum about the German crime scene.
The posts made by the admin "13speedtest37" were of very poor quality.
At that time he was only known for selling credit card numbers, and as the admin of a small crime forum.
But because it was designed as a marketplace it started growing; speedtest made it possible for everybody to buy and sell on his forum.
He was also stabilizing the prices for credit cards; at that time he already made thousands of euros per month as a student.

The bust:
Now I could write A LOT about this.
Since I was very active in the debates about his bust, I could talk about the gomopa scandal and the tons of false info (maybe I'm going to do that later).
But it is way more important to know why Mr. Dominik Baur (aka 13speedtest37) got busted.
He got busted because he connected to his own server without a proxy or VPN, so his IP appeared in clear text in the logs.
Why did he do that???
(you may ask)
Well, because he thought he was secure:
he was hosting on a Russian server provided by 2x4.ru, which didn't give out any info about him; his server was (at least he thought so) secure; and the law was on his side, since if the database got into the hands of the German BKA they couldn't use the evidence (he thought).
You see, it was his personal failure of not studying the law, as well as the failure of 50 other persons that got busted 3 days after the hack.

And why didn't he know about the law?
That is the big question! Why did nobody know that? I think that there were a couple of points that led to this:
1)- There are no real law experts in the underground.
2)- The culture in the underground didn't want to hear the truth.
3)- They were not curious enough about "hacksector.cc"'s case.
4)- A certain amount of time elapsed between the hack and the bust.
5)- And most important, the BKA didn't want them to know, so they designed their press info in a way that left it open why they got busted.

I don't know if these points are correct, but I think they are.

How did the scene react?
Mixed. One very famous quote is "he was the Hitler of the German underground scene";
others were sad that their idol wasn't present in the underground anymore.
An interesting thing:
The scene recovered very quickly; they had learned from the previous case.
Just like the BKA, which reacted 20 times faster than before, they also recovered 20 times better.

Immediately they started swapping to another forum called "carders.cc", which a short time ago got hacked by the same people that 1337-crew got hacked by.
But no busts yet, interesting!
We'll see what happens.
So long ...

Wednesday, 26 May 2010

Announcements

Hi there,
Just wanted to tell you what's going to happen on this blog.
I'm going to post interesting ways of doing security stuff as well as news about the cybercrime biz and the IT security industry.
-1 Post per Week
-50% news/biz 50% tutorials/exploits/tools

If you have suggestions/notes about the blog or the info published here, email me at tfrosted [\at\] googlemail.com.

Tuesday, 25 May 2010