Online fraud and other forms of Internet crime is a business, openly sold over the Internet.
British-based Internet security company Netcraft says
they’re receiving spam advertising dozens of “fraud hosting” websites that offer services and gather together those interested in such pursuits. Unsurprisingly, perhaps, most are Russian. But not all.
Carderportal.com resolves to Netfirms
, a hosting service based in Toronto. Netcraft says carder.org “was also hosted in North America” but has since had its record removed.
What’s interesting, apparently, is how brazenly mainstream companies are hosting these sites. Nethouse in St. Petersburg “houses stalk.ru, majordomo.ru and mazafaka.ru. Nethouse, which brands its hosting unit as Majordomo.ru, is housed within the data center of Runnet, the third-largest Russian hosting provider with 11.5K hostnames,” Netcraft says.
Not all are active. One, MaZaFaKa.Ru (unless I’m much mistaken, saying it out loud gives a good idea of the reason behind the name; the website’s motto is ‘Network Terrorism’ and its copyright text is, er, nonstandard), offers everything from cracks (usually code that has broken past the anti-piracy controls on software) to scripts, viruses and other nasties. It also lists the ‘last hacked sites’ — presumably websites that its members have managed to break into — many of which are Russian. (The message left on the hacked sites is anti-US involvement in Iraq.) It even contains the original Netcraft posting on its site. Unfortunately I’m not a Russian speaker so I can’t explore more.
Agava Software Network in Moscow, Netcraft says, hosted the “Russian Carder Clan” site at carderclan.net (18.104.22.168), which ran on a shared server at Agava.net. The site has recently been taken offline, as has Carderportal.org (22.214.171.124) at epolis.ru, which also resided at Agava. Agava ”specializes in the offshore custom software development and provides the off-site consulting, development, and testing services”, and lists among its projects WebCelerator, software to speed up surfing.
Here’s a list of the domains advertised, according to Netcraft: carder.org, carderclan.net, carderportal.com, carderportal.org, the cc.ru, mazafaka.ru, lncrew.com, majordomo.ru and agava.com. Register at one of them and you can expect to be offered “Spam Hosting – from 20$ per mounth, Fraud Hosting – from 30$ per mounth, Stolen Credit Cards, Fake ID, DL’s, Spam For free (with a limited time period)”.
Here’s another one that Netcraft didn’t mention: Asechka.ru, which has recently sent spam advertising its ‘fraud and carders site’: “On our site and board you are find: Bulk, Spam and Fraud Hosting, Stolen Credit Cards for Sale, Stolen Dumps of cardholder’s for Sale, Children Porno, Sex, Erotic films…. WE ACCEPT: Western Union, WebMoney, E-GOLD.”
I’m seeking comment from some of these sites.