Thursday, October 23, 2014

 

SecTor Speaker Shows How Credit Card Thieves Get Caught.

Credit card theft is a common digital crime, but there are a few ways law enforcement tracks down carders, a Nuix consultant says. 


TORONTO-Credit card theft continues to be among the most common and widespread forms of digital crime.

Speaking at the SecTor security conference here Oct. 22, Grayson Lenik, principal security consultant at Nuix, outlined how these credit card thieves—known as "carders"—operate and how they eventually get caught.

The world of carders is a highly hierarchical one of carding forums and carding groups.

The business of credit card theft is discussed and taught in these online carding forums, which are sites that provide users with information and tools on how to steal credit card numbers.

Lenik noted that one of the most popular carding forums is a site called Carding Mafia, though he suspects that most of site's viewers are law enforcement professionals looking to track down thieves and obtain information. "Probably 70 percent of the users are law enforcement at this point," Lenik said. In terms of how carding groups operate, there is an organizational hierarchy in place.

At the top is the leadership—the people who actually own the carding forums and write the malware that is used to steal user information. Lenik said it's unlikely that leadership of carding groups is a state-sponsored activity, though he noted that carding might well be state condoned in certain countries, such as Russia, for example.

Underneath the carding leadership are the middlemen, who keep the carding forums full with fresh dumps of credit card information and credentials. The middlemen in turn employ the services of what are known as "money mules," who are essentially the common criminals of the carding world.

"Money mules are people looking to make a quick buck," Lenik said.

Getting Caught

When carders do get caught, several common reasons why and how may factor in, Lenik said.

The first reason is laziness. Some carders hold the misplaced belief that they won't get caught, and that false sense of security leads them to not taking the necessary precautions to hide their locations or identities, Lenik said. Lazy activities that lead to carders being caught include hacking from home, not using some form of anonymizing service and hard-coding their IP addresses in malware.

Carders can also get caught by virtue of bad luck. For example, a carder might be stopped by police officer for a traffic violation and the officer sees carding equipment in the car. Lenik also said carders who have been caught often will give up their accomplices and other members of their group in order to receive a better deal from law enforcement.

Use of social media is another way carders can be caught. Lenik said he has seen carders post things to their Facebook or Twitter accounts that reveal information about where they are going. 

That information sometimes can be used by law enforcement officials to track down the carder.

The Carder Who Loved Me

One particularly interesting case of how a carder was apprehended involved a law enforcement professional who was working undercover in the carding world.

The female agent befriended a carder and over time developed a relationship.

As the relationship matured, the female agent convinced the carder to come to Las Vegas to marry her.

Once the carder arrived in the United States, he was apprehended. However, that wasn't the end of the story. The agent took her carder "fiancé" to various locations in Las Vegas and took pictures of both of them at various landmarks, and later posted the photos on social media.

The agent then invited the carder's friends to come to the wedding in Las Vegas. In total, Lenik said, four people were arrested after traveling to Las Vegas for the wedding.
Tags :

Share

Social

The idea behind the text.
Respect for the truth is almost the basis of all morality.
Nothing can come from nothing.



Follow

Popular Topics

Read

Well, the way they make shows is, they make one show. That show's called a pilot. Then they show that show to the people who make shows, and on the strength of that one show they decide if they're going to make more shows.

Like you, I used to think the world was this great place where everybody lived by the same standards I did, then some kid with a nail showed me I was living in his world, a world where chaos rules not order, a world where righteousness is not rewarded. That's Cesar's world, and if you're not willing to play by his rules, then you're gonna have to pay the price.

You think water moves fast? You should see ice. It moves like it has a mind. Like it knows it killed the world once and got a taste for murder. After the avalanche, it took us a week to climb out. Now, I don't know exactly when we turned on each other, but I know that seven of us survived the slide... and only five made it out. Now we took an oath, that I'm breaking now. We said we'd say it was the snow that killed the other two, but it wasn't. Nature is lethal but it doesn't hold a candle to man.

You see? It's curious. Ted did figure it out - time travel. And when we get back, we gonna tell everyone. How it's possible, how it's done, what the dangers are. But then why fifty years in the future when the spacecraft encounters a black hole does the computer call it an 'unknown entry event'? Why don't they know? If they don't know, that means we never told anyone. And if we never told anyone it means we never made it back. Hence we die down here. Just as a matter of deductive logic.