The underground market of carders. Translation of KingPIN. Chapter 19. “Carders Market”

In the previous chapter 18, we met with the cunning reptile Keith Mularski, an initiative FBI man who left the KGB and the FSB with his nose, and now decided to reprofile as a cyberjedi, the keeper of the world and the cache.

Today’s chapter tells how, after a series of high-profile arrests and the closure of key hacking forums ( Operation “Firewall” ), Max Butler rolled out his forum, with a cool design and a Russian admin, and the security services snapped a big fish.

---

Kevin Poulsen, editor of WIRED magazine, and a blackhat hacker Dark Dante as a child, wrote a book about " one of his acquaintances ."

The book shows the path from a teenage geek (but at the same time pitching), to a seasoned cyberpowder, as well as some methods of work of special services to capture hackers and carders.

The quest to translate the book began in the summer in an IT camp for high school students - “ Shkvoren: schoolchildren translate a book about hackers, ” then Habrausers and even a little editors joined in the translation.

Chapter 19. Carders Market

(Thanks for the translation habrayuzeru ungswar )

As Max tried, he could not settle down in any of the new forums sprout on Shadowcrew ruins. All of them were corrupt, belonged to sellers who were hostile to competitors from outside. In a way, that was a blessing. He could never fully trust any of these sites - he knew too well that this scene was full of policemen and informants.

Finally, he came to the conclusion: if he began to trade, the only site could be only a site that he owns. Still imagining himself Robin Hood, he chose the perfect name for his forum: Sherwood Forest.

Chris agreed with this plan - he liked the idea of ​​selling fake credit cards and driver's licenses in a safe environment - but he was furious with the name. In terms of branding, Sherwood Forest was not particularly suitable for the criminal market. The partners returned to the options again, and in June 2005 Max, using his fictitious name and dummy address in Anaheim, registered Cardersmarket.com.

This was a critical period for Max: the term of federal supervision was approaching him as parole, and if he had held out until midnight on October 10, 2005, he would have been a free man not obliged to play the role of a part-time computer consultant before his curator for parole. It should have been simple enough - to withstand a few more months. Besides Chris himself, both friends of Chris knew about Max’s double life: Jeff Norminton and Werner Janer, a real estate fraudster who wrote Charity a check for $ 5,000, which helped Max get back to hacking.

Later, in September 2005, Werner was arrested.

From the very beginning of their relationship with Max, Chris tossed a number of cards from time to time to Genera - maybe about 80 in more than 3 years - in exchange for 10 percent of Gene's purchases. This month, Gener asked for two dozen cards - financial problems forced him to sell his family home in Los Angeles and he moved to Westport, Connecticut to start all over again. Soon after, the criminal accomplice robbed him - Gener lost almost all of the income from the sale of the house, and he needed to increase his income in order to support himself and his wife with three children.

When Chris's package arrived, Gener, a passionate watch collector, went straight to Richards, a men's clothing and accessories store in Greenwich, where top-end chronometers were sold. Gene had high-quality “plastic” and an identity card in the name of Stephen Leahy. What he did not have was experience in carding. He chose not one, not two, but four Anonimo watches costing from 1 to 3 thousand dollars each. At the same time, he asked the store owner to punch all the watches separately and paid for them with four different Visa cards, which he openly pulled from a whole pack of cards. Two very large transactions were rejected and as a result, Gener received only two hours with a total value of $ 5,777 paid with Bank of America cards.

A patrol car caught him a couple of miles away. While the police officers checked Gene’s real driver’s license and checked if he had just bought a watch, the second car drove up with the owner of the store, who confirmed that they had stopped that guy.

Police arrested Gene and searched his car, finding a watch, 28 credit cards, 6 driver's licenses in different names. When the detectives received a search warrant for his house, they found a few more hours and a Walter P22 twenty-two-caliber pistol.
The gun signaled bad news. Instead of being charged with theft and violation of parole rules, Gene was now facing charges of illegal possession of firearms. Without wasting time, he proposed bringing the feds to the source of fake cards. In accordance with the standard conditions for informers, the government agreed to accept this information in exchange for limited immunity: none of what Gener said would be used against him. If the information turns out to be useful — leading to arrests — they will consider recommending a reduction in the term for possession of weapons.

For two meetings with a total duration of 8 hours, Gener posted everything he knew to the local Secret Service agents and the federal prosecutor. He told them about Chris Aragon - his chain of coffers, and "Hacker Max" - a two-meter computer genius who hacked banks from hotel rooms in San Francisco.

He did not know Max's surname, but remembered that he had once written a check for $ 5,000 to a hacker's girlfriend. Her name was Charity Majors.

The Secret Service recorded the interview and entered the information into the agency’s computer, but the agency did not verify this data, so the prosecutors refused to give Gener special conditions for considering his case. He was sentenced to 27 months in prison.

Max Vision dodged a bullet. Gene’s testimony was drowned in a gigantic government computer - they could just as well have been hidden in a cave from the final scene of the film “Finding the Lost Ark” (Indiana Jones). As long as no one had a reason to dig them out, Max was safe.

Meanwhile, Max began the process of becoming Carders Market. He had a lot of experience in launching legal sites, but the criminal site required special preparation. For example, that he could not place the Carders Market server directly on the floor of his house - this would make him an easy target.

He hacked into a Florida-based data center operating through an Affinity Internet provider and installed a VMware virtual machine on one of their servers, hiding a whole computer in their system. Its hidden server has assigned one of the unused Affinity addresses. The site will become a ghost ship belonging to no one and not served by anyone.

Max played with various online forums and finally settled on the flexible vBulletin engine. He spent months setting up the look and design of the templates for the look of the site, styling it in shades of gray and muted gold. The work looked satisfactory. For the first time in several years, he was creating something, not stealing. It was just like Whitehats.com development, except for those moments that were on the other side.

Finally, on the first anniversary of the Firewall operation, he added a new name to his ever-changing list of aliases: Iceman. One of the reasons for choosing such a nickname was its routine: there were a lot of Icemen underground, even on Shadowcrew there was one. If law enforcement agencies tried to track him, they would see several mirages on their radar.

Under modest fanfare, Iceman launched Cardersmarket.com at the end of 2005. Chris joined as the first co-administrator, taking on the nickname EasyLivin.

After careful observation of Shadowcrew and small follower forums, Max and Chris realized that the key to gaining recognition would be to appoint famous people to management positions to help maintain the forum and attract even more heavy artillery from their friends. Soon, the partners managed to attract two famous people from the Shadowcrew diaspora.

Bradley Anderson, a 41-year-old Cincinnati graduate, was their first acquisition. Anderson was a legend under the nickname “ncXVI,” an expert on fake IDs, the author of the self-published book Shedding Skin, a Bible on personality change.

The second recruit was 35-year-old Brett Shannon-Johnson from Charleston, South Carolina, a personal data hijacker known online as the “Gollumfun” - the founder of Counterfeit Library and Shadowcrew who retired during the second site before the secret service destroyed him .

After he disappeared from the scene for more than a year, Johnson tried to get back into business. Chris's accomplice John Giannone noticed him online in the spring and started a dialogue on ICQ, bringing him up to date on the latest arrests and gossip.

Giannone infuriated Johnson by selling 29 Max dumps to him for just 600 bucks, then introduced him to Max, who sold him another 500 cards. “I see that you and I will do good business in the future,” said Max Johnson.

Johnson accepted the offer of Max and Chris to become an admin on the Carders Market, providing the site with the experience and contacts of the only Shadowcrew administrator who survived the Firewall operation.

Giannone joined the Carders Market under the nickname Zebra, and Max created a second account with the nickname Digits. An alternate personality was a key feature in Max's new business strategy. Shadowcrew fell because prosecutors proved that the founders bought, sold and used stolen data themselves, and managing an information website was not illegal in itself, Max concluded. So, Iceman should be the face of Carders Market, but will never buy or sell stolen data. Digits - his alter ego - will do this by selling the dumps that Max received from the Vancouver pizza place to anyone who can purchase them.

To complete his vision of the site, Max needed another admin with certain skills: fluent in Russian. He wanted to repair the chasm that the Firewall operation between Eastern Europe and their Western counterparts did. Two Russian members of Shadowcrew fell into the Cumbajohnny VPN trap, and this whole situation forced the Russians to be suspicious of English-speaking forums.

Max decided that the Carders Market would stand out due to the East European section moderated by the native Russian. He could only find a candidate.

Chris offered to help and Max agreed. If there was any thing that Chris proved to his partner, it was that he knew how to attract new talents.

To be continued