  • Carders.cc, Backtrack-linux.org and Exploit-db.org Hacked

    Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to “you’ve been owned” calling cards this Christmas are exploit database exploit-db.org and backtrack-linux.org, the home of Backtrack, an open source “live CD” distribution of Linux.

    The hacks were detailed in the second edition of “Owned and Exposed,” an ezine whose first edition in May included the internal database and thousands of stolen credit card numbers and passwords from Carders.cc. The Christmas version of the ezine doesn’t feature credit card numbers, but it does list the user names and hashed passwords of the carders.cc forum administrators. The carders.cc forum itself appears to be down at the moment.

    Mati Aharoni, the main administrator for both exploit-db.org and backtrack-linux.org, confirmed that the hacks against his sites were legitimate. Shortly after my e-mail, Aharoni replied with a link to a short statement, noting that a hacking team called inj3ct0r initially took credit for the attack, only to find itself also targeted and shamed in this edition of Owned and Exposed.

    “There’s nothing like having your butt kicked Christmas morning, which is exactly what happened to us today. We were owned and exposed, in true fashion,” Aharoni wrote. “Initially, the inj3ct0r team took ‘creds’ for the hack, which quickly proved false as the original ezine showed up – and now inj3ct0r (their new site) is no longer online. As a wise Chinese man once said: ‘do not anger one who has shell on your server’. The zine also mentioned other sites, as well as the ettercap project being backdoored.”

    To his credit, Aharoni posted a link to the 2nd edition of Owned and Exposed.

    “The irony of posting your zine in our papers section is not lost on us,” Aharoni wrote.

    Update 10:40 p.m. ET: An earlier version of this blog post incorrectly identified one of the hacked domains as linux-exploit.org. The blog post above has been corrected. My apologies for the confusion.

    29 comments

    1. >A list of sites on that same subnet is available here.

      Wrong link, Brian.

      Well-loved. Like or Dislike: Thumb up 5 Thumb down 1
        • Thank you. Same to you.
          Actually, I'm an atheist and an anarcho-communist, as I have already written here. Though I am tolerant within reason.

          Hot debate. What do you think? Thumb up 9 Thumb down 10
          • Brian, you need a Christmas! ;)

            Well-loved. Like or Dislike: Thumb up 14 Thumb down 0
            • I think that in the East, Christmas is more of a religious holiday than in the West, where there is family celebration, feasting, and exchange of gifts on that day. The churches in the West struggle to remind people that there is a religious basis to Christmas. People who never attend church any other day of the year celebrate Christmas here.

              Hot debate. What do you think? Thumb up 6 Thumb down 3
      • Eh. Pastebin unreliable sometimes. I have replaced the link for a local text file.

        Like or Dislike: Thumb up 3 Thumb down 2
        • Thank you, Brian.
          Cool site carder.biz, thx.

          Like or Dislike: Thumb up 3 Thumb down 4
        • Hi Brian,
          You might want to reconsider your file format and go with plain text, tsv, csv, whatever – rtf invites ghosts of MS Word and is hell on your non-Windows readers. Have a happy holiday, though, now! :P

          PS: I think you may like them because they give you shouts…

          Like or Dislike: Thumb up 1 Thumb down 5
          • Evokes memories of Windows, eh? Funny…I created that file on a Mac. :)

            Well-loved. Like or Dislike: Thumb up 13 Thumb down 0
            • You can read an RTF file in a console on OSX? :P

              Like or Dislike: Thumb up 0 Thumb down 4
            • PS: By invites ghosts of it, I was referring to the fact that any of your readers who use Windows, if given that file to open, would have it open in Word or at least some sort of interpretive application — it just would not be seen as ‘text’, and is therefore a little bit misleading. Not to nitpick. Personally I use Linux and BSD and strings destroys formatting. :)

              Like or Dislike: Thumb up 0 Thumb down 3
          • Brian already replied to this, but I’ll point out further.

            .rtf is default format for Mac OS X’s basic text editor.

            Well-loved. Like or Dislike: Thumb up 6 Thumb down 1
          • RTF is fine. It's an old format from the 1980s that everything can read. It sure beats PDF when you need to copy and paste large parts or do editing.

            Like or Dislike: Thumb up 3 Thumb down 0
    2. ^_^ Nice info :) Thanks

      Like or Dislike: Thumb up 1 Thumb down 3
    3. BTW I think you forgot to change your hashtag along with the correction. :)

      I now return to lurking. Sorry for deluge.

      Like or Dislike: Thumb up 1 Thumb down 1
    5. Hey Brian, Happy holidays to you and your family, and best wishes for the new year.

      Well-loved. Like or Dislike: Thumb up 6 Thumb down 2
    6. Who are “Owned and Exposed”?

      Like or Dislike: Thumb up 4 Thumb down 2
    7. The Owned and Exposed crew just did everyone a favor by revealing the fact Inj3ct0r is indeed sharing credit card information… I hope the law enforcement folks are doing something about that.

      Well-loved. Like or Dislike: Thumb up 12 Thumb down 4
      • Thank you sir for the reply :)

        I just wanted to know how they are?
        Because it’s the first time that I hear about them and
        when I googled I found nothing about them.

        Like or Dislike: Thumb up 3 Thumb down 4
    11. Wish you all the best
      We love reading your blog
      Happy New Year
      and all the best going forward

      Like or Dislike: Thumb up 1 Thumb down 0