The underground market of carders. Translation of KingPIN. Chapter 27. Web War One

    The most anticipated chapter. And the question: “So will we publish a book in Russian or not?”

    Kevin Poulsen, an editor at WIRED magazine and, as a child, the blackhat hacker Dark Dante, wrote a book about “one of my acquaintances”.

    The book traces the path from a teenage geek (who was also a jock) to a seasoned cyber-kingpin, and describes some of the methods the security services use to catch hackers and carders.

    The quest to translate the book began in the summer at an IT camp for high school students (“Shkvoren: schoolchildren translate a book about hackers”); then Habr users and even, to a small extent, the editors joined in the translation.

    Edison gave the “book translation quest” its second wind.
    For how Max was arrested, read Chapter 33: “Exit Strategy”; for how the entire network was taken down, Chapter 34: “DarkMarket”.

    Chapter 27. “The First Network War”

    (thanks to Lorian_Grace for the translation)

    Keith Mularski stood at the podium, his presentation filling the entire LCD screen behind him. Fifteen senior FBI officials and experts from the Department of Justice sat in front of him, gathered around a table in the conference room. They were all focused. Mularski was offering them something new, something they had never done before.

    First-level authorization was a rare thing for the bureau. To begin with, Mularski wrote a twenty-page document laying out every aspect of the plan and collecting legal assessments from FBI staff for each of them. The agency’s general counsel was encouraged by the opportunities that opened up: approval of the plan would set a precedent for future undercover operations on the network.

    The main obstacle for the Justice Department committee that evaluates such activities was the question of responsibility for allowing crimes to take place on sites managed by the US government.

    The question was: how would Mularski mitigate this harm and ensure that innocent people and organizations were not hurt? The answer was ready: criminal activity on DarkMarket would continue with or without the participation of the FBI. However, if the Bureau controlled the server and Master Splinter managed the site, the FBI would be able to stop the dissemination of a significant part of the stolen data that would otherwise pass freely through the black market. The document proposed that any financial data would be sent immediately to the affected banks, so that stolen credit cards could be blocked before they were used.

    The meeting lasted 20 minutes. Returning to Pittsburgh on October 7, Mularski gave the green light to DarkMarket. Aisman was still considered a target of the operation, but the main targets were JiLsi and the other site leaders.

    When his wife went to bed, Mularski settled on the sofa, turned on the TV and messaged JiLsi on ICQ. After exchanging innocuous jokes, they finally got down to business.

    DarkMarket was again under a DDoS attack, and Mularski, under the pseudonym Master Splinter, was ready to move the site to a secure server. JiLsi had only to say the word, and the problems with Aisman would be a thing of the past.

    JiLsi had some concerns: DarkMarket was his brainchild, and he did not want to look to the community as if he had lost control over it. Mularski explained that this would not be a problem, as Master Splinter would be a secret administrator. No one but the two of them would know that the site was now being managed by a new person. To everyone else, Splinter would remain an ordinary moderator.

    “Okay,” JiLsi answered, “get your server ready. We are moving.” Mularski immediately set to work. He rented a server from Planeta, a Texas-based company, and then turned to shadier business, buying DDoS protection from a Russian known by the nickname Quasatron for $500 a month. Payment was made in electronic currency. Quasatron configured the site so that its public-facing part was hosted at Staminus, a hosting company with high bandwidth and resistance to such attacks. Their systems could withstand such a flood, and Quasatron's software passed only the legitimate traffic on to the real DarkMarket server behind the scenes.

    Everything was done the way an Eastern European hacker would do it. When Mularski wanted to access the site’s backend, he went through KIRE, a Virginia company that provided “shell accounts” that allowed IRC users to connect to chat rooms without revealing their home IP address. No one would know that the Polish spam king was visiting the site from Pittsburgh.

    As soon as this move was made, Mularski went to court and received a warrant to search his own server, which allowed him to see all user databases, access logs and private messages.

    One last thing remained. After Shadowcrew, it had become commonplace for carder forums to make users accept an agreement that banned all illegal information from the site and relieved the organizers of all responsibility for it. The hosts of the forums were convinced that the convoluted legal language would protect them. DarkMarket had a particularly long and detailed user agreement, so no one noticed that Master Splinter had added a line.

    “Using this forum, you agree that the administration can read personal correspondence on the forum to make sure the agreement is fulfilled,” he wrote, “or for some other purpose.”

    “I think it’s important to note that Aisman is rather stupidly dreaming of becoming a hacker, and hacking sites just for fun.”
    El Mariachi knew well which of Aisman's strings to pull.

    After this insidious takeover, Dave Thomas returned to the blog “Life on the Road” to insult his opponent constantly, calling him “Iceboy”, “Officer Ice”, and “a damn piece of poop on his boots.” He urged Aisman to meet him in person and settle the dispute like men. Then he said that he could hire a killer to hunt the carder for the rest of his life.

    Max answered with increasing fury. He had not forgotten the difficulties and expenses that fell upon him when he was looking for a new host after Thomas disconnected him in Florida. The aggression that he had kept inside ever since now erupted from his gut and poured out through his fingertips. “-*Insults not too acceptable on the hub*- I could tear you to hell with my bare hands, but a coward like you will immediately call the cops and climb for arms, only seeing me. Better pray that I never go out, for at the meeting you will look even bigger a moron than now, but I will not have the slightest remorse and will turn your neck.”

    After calming down, he sent Thomas a letter. He was thinking about shutting down the Carders Market and abandoning his Aisman identity. No, that would not mean he was giving up; on the contrary, it would be the most serious threat to Thomas’s campaign.

    You have not read The Art of War, idiot? You don't know ANYTHING about me.
    I know EVERYTHING about you.
    I will kill the Carders Market, I will kill Aisman, and what will you have left? A fight with a shadow? You are hopeless ... I am the enemy who will constantly defeat you, because you have NO PROTECTION, and NO GOAL.
    I am your biggest nightmare, you and your family will suffer for the money that I lost because of you, and for a very, very long time.

    Two days later, Max showed he was serious. He hacked into El Mariachi's website, “The Gifters,” which Thomas had turned into a semi-legal site for monitoring carder forums. He wiped the entire hard drive ... The site never rose again.

    Aisman proclaimed his triumph in the final blog post. “I have nothing to prove. Now, having overthrown the federal scammer David Thomas, I am leaving you,” he wrote.

    “Unlike you, I do my business. Learn a lesson. Go ahead and leave it all.”

    But Max was not allowed to slip back into the shadows. Two USA Today reporters discovered the public war between the carders and received confirmation of the hostile takeovers from firms that monitor the forums. On the morning after Max proclaimed victory over El Mariachi, the delivery service distributed two million copies of Thursday's newspaper across the country. The story of Aisman seizing carder sites was splashed across the first page of the business section.

    By indulging his ego and engaging in a public confrontation with David Thomas, Max had brought Aisman to the pages of the largest daily newspaper in the United States.

    “The Secret Service and the FBI refuse to comment on Aisman’s actions,” the article stated. “However, even so, the actions of this mysterious person illustrate the growing threat of cybercrime, which is largely a result of the existence of some forums.” The article came as no surprise: the reporters had contacted Aisman, and Max had sent them a long comment setting out his position. His opinion was not published, and the article only made Max more brazen. He even added a quote from it to the header of the Carders Market login page: “He created Wal-Mart of the underground.”

    Max showed the article to Charity. “I think I raised a hefty wave.”

    Chris was furious when he found out about Max's communication with reporters. He had watched Max spend countless hours wrangling with Thomas, and now he was giving interviews too?!

    “You have lost all reason,” he remarked.

    Max carried on. Applications to the Carders Market poured in. The article seemed to have given every street hooligan hope of success in this field.

    The site gained three hundred new members per night. Two weeks later they were still arriving.

    He handed most of the duties over to the administrators. He had other things to do. The swift attack against financial institutions had been very successful, but the banks' firewalls were the easiest part. Bank of America and Capital One, in particular, were huge organizations, and Max was simply lost in their vast networks. He could easily spend years on either of them just searching for the data he needed for a serious result. Max had serious problems motivating himself for this tedious job: hacking the networks had been the fun part, and that was now over.

    Instead, Max put the issue with the banks on hold and focused on the war of the carders ... Max's new hosting provider was receiving constant complaints about criminal activity on the Carders Market. Max saw one of the letters, sent from an anonymous account. On a hunch, he tried to log in to that account using JiLsi's data, and it worked. This meant that JiLsi was trying to destroy Max.

    He then busied himself with breaking into JiLsi's account on the Russian Mazafaka forum and sending an avalanche of messages with simple content: “I am a fed.” Max then publicly displayed this evidence of JiLsi's misdeeds. Reporting someone to a hosting company was, from his point of view, a very vile tactic.

    DarkMarket wasn't polite enough to die right away. Max could just drop the database, but that wouldn’t work: the site had come back from that before ... His DDoS attacks had ceased to be effective. DarkMarket had switched to an expensive high-bandwidth host and set up dedicated servers for mail and databases. Suddenly, the site had turned out to be a tough nut to crack.

    Then Max heard a very intriguing rumor about DarkMarket.

    The story involved Silo, a Canadian hacker known for his amazing ability to juggle a dozen personalities in the community, effortlessly changing his style for each of them. Silo's second famous trait was his obsession with hacking other carders. He constantly published software with hidden code that allowed him to spy on his colleagues.

    These two traits played into his hands when he registered on DarkMarket under a new guise and posted hacking software for evaluation. True to form, Silo had hidden a function in the program that sent the user's files to one of his servers.

    Looking through the results, he found a small cache of blank Word templates that included a malware complaint form. The templates bore the logo of an organization known as the Pittsburgh National Cybercrime Alliance. Max checked them. Feds. Someone on DarkMarket worked for the government.

    Ready to investigate, Max used the backdoor again. This time he went in for reconnaissance. He logged in to the console as root and pulled up the recent login history. Then he opened the whole list in a separate window and began checking the public registration records for each IP address used by the administration.

    When he reached Master Splinter, he stopped. The spammer who presented himself as a Pole had logged in from an address belonging to a US corporation called Pembrooke Associates.

    He checked Whois.net registration records for the Pembetal.com website.

    Their mailbox was in Warrendale, Pennsylvania, twenty miles from Pittsburgh. There was also a phone number.
    Another mouse click, another browser window with the reverse telephone directory on Anywho.com. He entered the phone number and got the real address: 2000, Technological passage, Pittsburgh, Pennsylvania.

    This was the address that belonged to the National Cybercrime Alliance.

    Master Splinter was a fed.

    To be continued

    Published translations and publication plan (as of April 21)
    PROLOGUE ( GoTo camp students )
    1. The Key (Grisha, Sasha, Katya, Alena, Sonya)
    2. Deadly Weapons (Young programmers of the FSB of the Russian Federation, Aug 23)
    3. The Hungry Programmers (Young programmers of the FSB of the Russian Federation)
    4. The White Hat (Sasha K, ShiawasenaHoshi )
    5. Cyberwar! ( ShiawasenaHoshi )
    6. I Miss Crime (Valentine)
    7. Max Vision (Valentine, Aug 14)
    8. Welcome to America (Alexander Ivanov, Aug 16)
    9. Opportunities (jellyprol)
    10. Chris Aragon (Timur Usmanov)
    11. Script's Twenty-Dollar Dumps (George)
    12. Free Amex! ( Social Technology Greenhouse )
    13. Villa Siena (Lorian_Grace)
    14. The Raid (George)
    15. UBuyWeRush (Ungswar)
    16. Operation Firewall (George)
    17. Pizza and Plastic (done)
    18. The Briefing (George)
    19. Carders Market (Ungswar)
    20. The Starlight Room (Artem TranslationDesigner Nedrya)
    21. Master Splyntr (Ungswar)
    22. Enemies (Alexander Ivanov)
    23. Anglerphish (Georges)
    24. Exposure (+)
    25. Hostile Takeover (fantom)
    26. What's in Your Wallet? (done)
    27. Web War One (Lorian_Grace?)
    28. Carder Court (drak0sha)
    29. One Plat and Six Classics (+)
    30. Maksik (Ignat Ershov)
    31. The Trial (Bogdan Zhur)
    32. The Mall (Shuflin )
    33. Exit Strategy (r0mk)
    34. DarkMarket (Valera aka Dima)
    35. Sentencing (comodohacker +)
    36. Aftermath (ex-er-sis?)
    EPILOGUE

    In order to publish a book with professionals, you need approximately 800 pre-orders. Should I take on a book publishing project?

    • 82.2% Yes 97
    • 13.5% No 16
    • 4.2% Other 5