The Hacker News Logo
Subscribe to Newsletter

Role of Hacking in Stealing and Selling Credit Cards !

Role of Hacking in Stealing and Selling Credit Cards !

People use the Internet in their everyday lives. With technology advancing as fast as it is, most modern day homes have gone online, turning to the Internet to save time with busy days, performing simple tasks like online banking, purchasing items on eBay or Amazon or getting deals on Buy.com, even taking college classes online. Internet Banking , Credit Cards are become the mode of Payments.

Its 2011, Hacker have Eye on your Bank Balance, Credit Card details and Logins. These online Criminals get you Credit Card details and sell them to other customers. Credit card numbers can be purchased for a dollar or less if you buy in bulk And so-called full profiles, including a Social Security number and mother’s maiden name, are available for just $80. ATM pin numbers and platinum cards cost extra.

Computer hackers have been found stealing and selling other people's credit card information in masses. Hacking happens just like any other crime, having both low level attacks like a single person stealing and using your online email accounts, to a more organized structure like a group of hackers attacking a corporate mainframe for large amounts of personal information.

PSN & SONY hack - Recent Hacking Case

In April 2011, Hacker stole 77 million PSN customers personal information--including names, addresses, billing history.The  some days later another massive breach at Sony was 100 million user's personal info hacked in Japan . Just yesterday Sony PlayStation Network hacked again, user passwords compromised. The Hacker News investigate about this Biggest Hacking case of Year and Finally we Release our 1st Report on Sony's 3rd Attack Issue on 8th May 2011. In our Report we prove that How hackers get the list Customers info just using simple Google Searches.

Further a Hacking Group named "PH4N70M Hacking Team" Claiming to Hack the PSN Network. We (THN) try to talk with these hackers and try to collect some info about this Breach. The Statement by Founder of PH4N70M Hacking Team -- "The PSN was comprised of multiple forwarding servers. When my team went in, we found an authorization server (Codenamed auth.sony). This server had no encryption, no DDoS protection was in place. No load balancing. This is how the PSN network was taken down. I thought I’d pass that along to you due to the confusion people are having. This gateway was not load balanced and not secured operating through the default port 80. This server, during early operations back in February (when the operation was initiated in a vote in Operation Payback) was also thought to control login to sonys stores and shop networks. (Marketplace) I cannot confirm this. The original planned attack was going to be a LOIC + Slowloris attack. I also heard before I left of a bufferoverflow attack.The key players in PH4N70M (Phantom) include an exploiter (TH0R), Xik, and several others including the operation payback collaborator named Wolfy. The rest of the team will remain hidden for now.The credit card concerns were all because the data was never encrypted when sent"

Other Online Credit Card Hackers and Sellers :
"If you'd rather not use stolen credit cards yourself, you can have him buy you iPhones, iPads and laptops with stolen credit cards and ship them to you. In practice, the thief will log into an online store, then purchase an iPad as a gift purchase, giving your address as the delivery address and paying for the good with a stolen credit card. An iPad bought like this goes for $150." said in a post on F-Secure Blog.

One of these type of Hacker is Mr. Sshoaib Ahmed from Islamabad, Pakistan. He have his own Team of Hackers, They Hack Credit Cards and Sell them, they also Deal in SMTP, LEADS, RDP. The Hacker News Talk with them and Try to know about their Way of Grabbing this large no. of Credit Cards and Trading ways. A post on F-Secure Blog also Mention these online Criminals and they recommend twitter to delete their Twitter account via which they was trading this crime.

How Hacker Get Vulnerable Shopping Sites
Best Tool is Google to find Vulnerable Shopping Sites, Their are some Dorks/Keywords that help hackers to find their target easily. Such list of Keywords are listed Below. Just go to www.google.com and Search it, You will get all online stores, Where people use their Credit Card, Paypal accounts for Buying Products.


cat.asp?cat=
Productlist.asp?Catalogid=
Category.asp?Category_Id=
Category.cfm?Category_Id=
category.asp?cid=
category.cfm?cid=
category.asp?cat=
category.cfm?cat=
category.asp?id=
index.cfm?Pageid=
category.asp?catid=
Category.asp?c=
Category.cfm?c=
Productlist.cfm?Catalogid=
Productlist.asp?Catalogid=
Viewitem.asp?Catalogid=
Viewitem.cfm?Catalogid=
catalog.cfm?Catalogid=
catalog.asp?Catalogid=
department.cfm?Dept=
department.asp?Dept=
Itemdetails.cfm?Catalogid=
Itemdetails.asp?Catalogid=
Product_Detail.asp?Catalogid=
Product_Detail.cfm?Catalogid=
Product_List.asp?Catalogid=
Product_List.cfm?Catalogid=
Showproduct.cfm?Catid=
Showproduct.asp?Catid=
Search_Results.cfm?Txtsearchparamcat=
Search_Results.asp?Txtsearchparamcat=
Itemdetails.cfm?Catalogid=
Itemdetails.asp?Catalogid=
store-page.cfm?go=
store-page.asp?go=
Detail.cfm?Catalogid=
Detail.asp?Catalogid=
browse.cfm?Category_Id=
view.cfm?Category_Id=
products.cfm?Category_Id=
index.cfm?Category_Id=
detail.cfm?id=
category.cfm?id=
Showitems.cfm?Category_Id=
Viewproduct.asp?PID=
Viewproduct.cfm?PID=
Shopdisplayproducts.asp?Catalogid=
Shopdisplayproducts.Cfn?Catalogid=
Displayproducts.cfm?Category_Id=
Displayproducts.asp?Category_Id=
Displayproducts.asp?Prodcat=
Displayproducts.cfm?Prodcat=x
Productdetail.cfm?ProductID=
products.php?Subcat_Id=
Showitem.cfm?id=thetwenty-first
Productdetail.cfm?pid=
default.cfm?action=thefortysixth
Products_Accessories.asp?Catid=
Store_Viewproducts.asp?Cat=
category.cfm?categoryID=
category.asp?category=
Tepeecart.cfm?Shopid=
View_Product.asp?productID=
Productdetails.asp?Prdid=12th
products.cfm?ID=
detail.asp?Product_Id=
Product_Detail.asp?Product_Id=
products.php?Subcat_Id=
product.php?Product_Id=
View_Product.cfm?productID=
Product_Details.asp?Prodid=
Shopdisplayproducts.cfm?id=
Displayproducts.cfm?id

After finding any Vulnerable Shopping Site, Hackers job is just to crack the Database using Sql injection or Rooting the Server. Hacker get into the sites, Steal customers details and Then Re-Sell those Credit Card Details to further online Criminals.

Hacking Classes for learning Carding Process
In One More Post by Mikko H. Hypponen ( CRO at F-Secure) expose the Hacking Classes by hacker to Teach Carding Process, that How to Steal Credit Cards. Its all the Network of these online Criminals. Who is a CARDER - "A carder is a criminal who specializes in stealing information from credit cards. Although the majority of them buy the information from online vendors, some of them are quite savvy on how to access that information by themselves."

Hacker  Mr. Sshoaib Ahmed from Islamabad, Pakistan commit that Lots of hackers from all over world are in same business, even some Indian hackers are also their Regular Customers. The most common one is known as phishing. In this technique, the hacker poses as an officer within an organization, let's say VISA. The hacker sends to a group of email accounts an alert, instructing the receiver to follow determined set of instructions before his credit card is cancelled.If the user is not aware of this kind of fraud, he will insert his credit card number, his name and expiration date without knowing he is going to be a victim of an online crime.

The other Methods of hacking Credit Card info is TROJANS. Hackers spread RAT/KEYLOGGERS online via Social Networking sites and also via binding Trojans with keygen file of various rare available softwares.

Conclusion
That is all about how hackers Target you Credit Cards. Credit card hacking has become one of the new security headaches of consumers. Note Down some points while surfing online, to be safe :


  • Make sure you are dealing with a legitimate banking organization..
  • Read the privacy policies to find out exactly who has access to your personal information.
  • Keep your computer and access to it secure.
  • Look for the secure padlock in the bottom right hand of your browser to make sure your information is encrypted.
  • Don’t send any account details or pin numbers via email.
  • Make sure you log out of your accounts each time you leave them, especially when you are using public computers.
  • Cancel any credit cards that have been used fraudulently.
  • Change your password regularly and consider using password management software.
  • Keep your antivirus scanner up to date.
  • Use a firewall.


Be Safe and Have Happy Surfing :)
THN - The Hacker News

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.