This Christmas time the bad guys will be shopping too

This Christmas time the bad guys will be shopping too

While most folks want a new gaming system, TV, or the latest computer gadget, there is another group of people that are looking for something quite different and definitely not your typical in-store purchase. I’m talking about those people buying stolen online  “goods” ranging from credit card numbers and email accounts, to paid adult sites credentials.

This practice is of course illegal in many countries but everything comes down to benefits vs. risks. Given the low cost of acquisition of such stolen merchandise, the ease of access and relative anonymity of using those shady online retail stores as well as paying with e-money, you can see why black markets thrive. That is not to say it’s risk free. Law Enforcement Agencies (LEA) world wide are constantly monitoring criminal activities that go on, and from time to time will bust them in a big way-by either dismantling them or sending people to jail.

In this post, I will show you the types of stolen goods that can be found online, how much they cost and the two sides involved in the process: the sellers and the buyers.

The screenshot below shows a site selling Ebay and accounts as well as Walmart credit cards. Searching is easy as sites that sell such goods are numerous and registration is free.

Of course you could go with a traditional Visa/MasterCard credit card:

Such cards can be had for less than a couple of bucks:

and if you’re not happy with the goods, you can even ask for a refund:

To replace bad dumps go to orders page and Click “Request refund” within 06 hr.

This holiday season, you will find shopping discounts at more than just your local department stores:

The majority of black market websites are open to any potential buyer (some require invites). Buyers need to add funds to their account before they can purchase anything. Most sites are using the Liberty Reserve service to send money electronically.

As a seller you usually need to show your profile and a bit of history to get accepted. Here is a “cover letter” from a Credit Card vendor:

But because there is always a high demand for fresh “dumps”, black market sites are actively recruiting new sellers:

All in all, this is a well organized industry that has mastered the art of online shopping with convenience, a la Amazon:

 You might wonder how these credit cards or accounts were stolen… Well, they were harvested by malicious software such as banking Trojans and other keyloggers which infected vulnerable PCs (out of date software, no current antivirus, etc…). All it took was visiting a compromised site or clicking on a link within an email… and the rest was history. A pernicious piece of malware got itself inside the computer waiting for the next time you logged onto your bank site or Facebook account. The captured username and password were then swiftly sent to the bad guys who could now turn around and sell them.

To avoid being the next victim, please make sure that your computer is up-to-date, remove unwanted software and also use a solid anti malware solution such as Malwarebytes’. Together, let’s spoil the bad guys Christmas because as we well know, they have been very naughty… all year long.


Jérôme Segura

Principal Threat Researcher