25
Dec 10

Carders.cc, Backtrack-linux.org and Exploit-db.org Hacked

facebooktwittergoogle_plusredditpinterestlinkedinmail

Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to “you’ve been owned” calling cards this Christmas are exploit database exploit-db.org and backtrack-linux.org, the home of Backtrack, an open source “live CD” distribution of Linux.

The hacks were detailed in the second edition of “Owned and Exposed,” an ezine whose first edition in May included the internal database and thousands of stolen credit card numbers and passwords from Carders.cc. The Christmas version of the ezine doesn’t feature credit card numbers, but it does list the user names and hashed passwords of the carders.cc forum administrators. The carders.cc forum itself appears to be down at the moment.

Mati Aharoni, the main administrator for both exploit-db.org and backtrack-linux.org, confirmed that the hacks against his sites were legitimate. Shortly after my e-mail, Aharoni replied with a link to a short statement, noting that a hacking team called inj3ct0r initially took credit for the attack, only to find itself also targeted and shamed in this edition of Owned and Exposed.

“There’s nothing like having your butt kicked Christmas morning, which is exactly what happened to us today. We were owned and exposed, in true fashion,” Aharoni wrote. “Initially, the inj3ct0r team took ‘creds’ for the hack, which quickly proved false as the original ezine showed up – and now inj3ct0r (their new site) is no longer online. As a wise Chinese man once said: ‘do not anger one who has shell on your server’. The zine also mentioned other sites, as well as the ettercap project being backdoored.”

To his credit, Aharoni posted a link to the 2nd edition of Owned and Exposed.

“The irony of posting your zine in our papers section is not lost on us,” Aharoni wrote.

Update 10:40 p.m. ET: An earlier version of this blog post incorrectly identified one of the hacked domains as linux-exploit.org. The blog post above has been corrected. My apologies for the confusion.

Tags: , , , ,

29 comments

  1. >A list of sites on that same subnet is available here.

    Wrong link, Brian.

    • С Рождеством Христовым, Алекс.

      • Спасибо. Вас также.
        Вообще, я атеист и анархо-коммунист, как я уже здесь писал. Хотя и в меру толерантен.

        • Brian, you need a Christmas! ;)

        • Христианский себя, рад тебя знаю!

          • What do you mean?
            I must accept the Christian faith?

          • I think that in the East, Christmas is more of a religious holiday than in the West, where there is family celebration, feasting, and exchange of gifts on that day. The churches in the West struggle to remind people that there is a religious basis to Christmas. People who never attend church any other day of the year celebrate Christmas here.

        • Я также не христианин, но не нужно быть христианином, чтобы отметить языческий праздник. Брайан, с другой стороны, я считаю, это не атеист.

    • Eh. Pastebin unreliable sometimes. I have replaced the link for a local text file.

      • Thank you, Brian.
        Cool site carder.biz, thx.

      • Hi Brian,
        You might want to reconsider your file format and go with plain text, tsv, csv, whatever – rtf invites ghosts of MS Word and is hell on your non-Windows readers. Have a happy holiday, though, now! :P

        PS: I think you may like them because they give you shouts…

  2. ^_^ Nice info :) Thanks

  3. BTW I think you forgot to change your hashtag along with the correction. :)

    I now return to lurking. Sorry for deluge.

  4. Hey Brian, Happy holidays to you and your family, and best wishes for the new year.

  5. Who are “Owned and Exposed” ?

  6. The Owned and Exposed crew just did everyone a favor by revealing the fact Inj3ct0r is indeed sharing credit card information… I hope the law enforcement folks are doing something about that.

    • Thank you sir for the reply :)

      I just wanted to know how they are?
      Because it’s the first time that I hear about them and
      when I googled I found nothing about them.

  7. internetspecialist

    THE happy ninjas are just some kids that have no responsibility on 0days.I say that cause they just want a little fame with hacking ettercap lol.Carders.cc/free-hack..Same shit. But hacking sites like ettercap (white hats)Shows what kids they are.In 1year they find 1exploit and they try to hack much famous sites as possible.So kids pls go die!

  8. We are ethical hackers and here to help not make money, we only charge because of the cost,time and effort involved in the services and products we offer.
    I Sell Many More Stuffs For Sell Here I Am Honest And Good In Deals Has Well In True,Be Patient I have Any Delays. I Do All So Fast How We Can. We Thank For Your Understanding.For Demo For Free And For Sample If You Want You Will Have 1 Cc For Test If Good ,Please Deal More Time I Dont Want See Ripper Or Scammer

    CONTACT ME:
    —————————————-
    Yahoo Mail: Bian_lien30

    Email: Bian_lien30@yahoo.com

    Icq: 568983850

  9. wich You All the best
    We love read Your blog
    Bonne annee
    et bonne continuation