Exploit This

Security News, Exploits, and Vulnerabilities.

Who Ran Leakedsource.com?

Late last month, multiple news outlets reported that unspecified law enforcement officials had seized the servers for Leakedsource.com, perhaps the largest online collection of usernames and passwords leaked or stolen in some of the worst data breaches — including billions of credentials for accounts at top sites like LinkedIn, Myspace, and Yahoo.

In a development that may turn out to be deeply ironic, it seems that the real-life identity of Leakedsource’s principal owner may have been exposed by many of the same stolen databases he’s been peddling.

Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years

vDOS — a so-called “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets.

The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

The vDOS database, obtained by KrebsOnSecurity.com, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

The vDOS database, obtained by KrebsOnSecurity.com, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

How Carders Can Use eBay as a Virtual ATM

How do fraudsters “cash out” stolen credit card data? Increasingly, they are selling in-demand but underpriced products on eBay that they don’t yet own. Once the auction is over, the auction fraudster uses stolen credit card data to buy the merchandise from an e-commerce store and have it shipped to the auction winner. Because the auction winners actually get what they bid on and unwittingly pay the fraudster, very often the only party left to dispute the charge is the legitimate cardholder.

Stress-Testing the Booter Services, Financially

The past few years have witnessed a rapid proliferation of cheap, Web-based services that troublemakers can hire to knock virtually any person or site offline for hours on end. Such services succeed partly because they’ve enabled users to pay for attacks with PayPal. But a collaborative effort by PayPal and security researchers has made it far more difficult for these services to transact with their would-be customers.

Understanding the operations of a scam

In Sweden, we’re facing a big issue with scammers trying to buy items for sale on various auction websites. Since one of these scammers tried to scam my wife, I decided to follow their scam and document the entire process.

%d bloggers like this: