“BriansClub” Hack Rescues 26M Stolen Cards
“BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.
Last month, KrebsOnSecurity was contacted by a source who shared a plain text file containing what was claimed to be the full database of cards for sale both currently and historically through BriansClub[.]at, a thriving fraud bazaar named after this author. Imitating my site, likeness and namesake, BriansClub even dubiously claims a copyright with a reference at the bottom of each page: “© 2019 Crabs on Security.”
Multiple people who reviewed the database shared by my source confirmed that the same credit card records also could be found in a more redacted form simply by searching the BriansClub Web site with a valid, properly-funded account.
All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground.
The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. But business would pick up in each of the years that followed: In 2016, BriansClub uploaded 2.89 million stolen cards; 2017 saw some 4.9 million cards added; 2018 brought in 9.2 million more.
Between January and August 2019 (when this database snapshot was apparently taken), BriansClub added roughly 7.6 million cards.
Most of what’s on offer at BriansClub are “dumps,” strings of ones and zeros that — when encoded onto anything with a magnetic stripe the size of a credit card — can be used by thieves to purchase electronics, gift cards and other high-priced items at big box stores.
As shown in the table below (taken from this story), many federal hacking prosecutions involving stolen credit cards will for sentencing purposes value each stolen card record at $500, which is intended to represent the average loss per compromised cardholder.
👉🏼 Read more:
https://krebsonsecurity.com/
#hacker #hackback #BrainsClub #KrebsOnSecurity
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
“BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.
Last month, KrebsOnSecurity was contacted by a source who shared a plain text file containing what was claimed to be the full database of cards for sale both currently and historically through BriansClub[.]at, a thriving fraud bazaar named after this author. Imitating my site, likeness and namesake, BriansClub even dubiously claims a copyright with a reference at the bottom of each page: “© 2019 Crabs on Security.”
Multiple people who reviewed the database shared by my source confirmed that the same credit card records also could be found in a more redacted form simply by searching the BriansClub Web site with a valid, properly-funded account.
All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground.
The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. But business would pick up in each of the years that followed: In 2016, BriansClub uploaded 2.89 million stolen cards; 2017 saw some 4.9 million cards added; 2018 brought in 9.2 million more.
Between January and August 2019 (when this database snapshot was apparently taken), BriansClub added roughly 7.6 million cards.
Most of what’s on offer at BriansClub are “dumps,” strings of ones and zeros that — when encoded onto anything with a magnetic stripe the size of a credit card — can be used by thieves to purchase electronics, gift cards and other high-priced items at big box stores.
As shown in the table below (taken from this story), many federal hacking prosecutions involving stolen credit cards will for sentencing purposes value each stolen card record at $500, which is intended to represent the average loss per compromised cardholder.
👉🏼 Read more:
https://krebsonsecurity.com/
#hacker #hackback #BrainsClub #KrebsOnSecurity
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Massive Hack Strikes Offshore Cayman National Bank and Trust
Isle of Man, UK – A blast of sunshine has hit a secretive banking network used by global ultra-wealthy figures following a massive hack by “Phineas Fisher“, a notorious self-described “hacktivist”, of Cayman National Bank and Trust, which serves nearly 1,500 accounts in Isle of Man. Transparency collective Distributed Denial of Secrets has began publishing copies of the bank’s servers, a cache of documents as well as communications among bankers and others. Journalists around the world are investigating and have begun releasing stories.
Following the hack, a manifesto was uploaded to the Internet addressing the motivation for hacking financial services companies. Unicorn Riot has embedded the manifesto below which includes previously unpublished code which the author claims was used to break into “Hacking Team” an Italian surveillance company. Hacking Team was an elite corporation that specialized in developing malware until Phineas Fisher hacked them and published their code online. The malware developed by Hacking Team was often used to attack journalists and activists on behalf of repressive governments .
Unicorn Riot has obtained the small HackBack announcement text released exclusively in Spanish, described as “Desde las montañas del Sureste Cibernético” (‘From the mountains of the Cyber Southeast’). It bills itself as a “HackBack” DIY guide for “Una guía DIY para robar bancos” (‘A DIY guide for robbing banks.’) The announcement begins with a tongue-in-cheek dedication to “Subcowmandante Marcos” with an ASCII text-styled pipe-smoking cow referring to former Zapatista spokesperson Subcomandante Marcos.
Also included in the announcement were introductions to common information security tools such as Metasploit and observations about previous major bank hacks, suspicious activities on SWIFT (an international financial network), and art such as a skeleton saying “Be Gay, Do Crimes” in Spanish.
👉🏼 Read more:
https://unicornriot.ninja/2019/massive-hack-strikes-offshore-cayman-national-bank-and-trust/
https://unicornriot.ninja/wp-content/uploads/2019/11/hackback-announce-text.txt
#hacker #PhineasFisher #hacked #hackback #offshore #bank
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Isle of Man, UK – A blast of sunshine has hit a secretive banking network used by global ultra-wealthy figures following a massive hack by “Phineas Fisher“, a notorious self-described “hacktivist”, of Cayman National Bank and Trust, which serves nearly 1,500 accounts in Isle of Man. Transparency collective Distributed Denial of Secrets has began publishing copies of the bank’s servers, a cache of documents as well as communications among bankers and others. Journalists around the world are investigating and have begun releasing stories.
Following the hack, a manifesto was uploaded to the Internet addressing the motivation for hacking financial services companies. Unicorn Riot has embedded the manifesto below which includes previously unpublished code which the author claims was used to break into “Hacking Team” an Italian surveillance company. Hacking Team was an elite corporation that specialized in developing malware until Phineas Fisher hacked them and published their code online. The malware developed by Hacking Team was often used to attack journalists and activists on behalf of repressive governments .
Unicorn Riot has obtained the small HackBack announcement text released exclusively in Spanish, described as “Desde las montañas del Sureste Cibernético” (‘From the mountains of the Cyber Southeast’). It bills itself as a “HackBack” DIY guide for “Una guía DIY para robar bancos” (‘A DIY guide for robbing banks.’) The announcement begins with a tongue-in-cheek dedication to “Subcowmandante Marcos” with an ASCII text-styled pipe-smoking cow referring to former Zapatista spokesperson Subcomandante Marcos.
Also included in the announcement were introductions to common information security tools such as Metasploit and observations about previous major bank hacks, suspicious activities on SWIFT (an international financial network), and art such as a skeleton saying “Be Gay, Do Crimes” in Spanish.
👉🏼 Read more:
https://unicornriot.ninja/2019/massive-hack-strikes-offshore-cayman-national-bank-and-trust/
https://unicornriot.ninja/wp-content/uploads/2019/11/hackback-announce-text.txt
#hacker #PhineasFisher #hacked #hackback #offshore #bank
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
HackBack! - Talking with Phineas Fisher
Hacking as Direct Action against the Surveillance State
We spoke with the world-famous hacker persona and self-proclaimed anarchist revolutionary Phineas Fisher about the politics behind their attacks on the surveillance industry, the ruling party in Turkey, and the Catalan police. Here follows a retrospective on the exploits of Phineas Fisher, followed by their remarks to us.
Hacking is often depicted as something technical, a simple matter of attack and defense. Yet motivations are everything. The same technique that builds oppressive tools can be used as a weapon for emancipation. Hacking, in its purest form, is not about engineering: it is about leveraging power dynamics by short-circuiting technology. It is direct action for the new digital world we all live in.
In the shadows of the techno-empire, the hacking scene became a target for cooptation and infiltration. But the underground cannot be eradicated: from time to time, a new action breaks through the surface. Some of the hackers we admire are coders who produce tools for online privacy and anonymity. Other crews create and distribute alternative media. And then there are those who hack back.
The Lost Hacker Circles
It is no secret, for anyone paying attention, that for a long time the hacker underground was also taking sides in the ongoing war. Yet the effervescence that characterized the underground DIY scene of the past few decades has died down, or at least receded to less visible places.
Pessimists mourned the death of hacker communities in a proliferation of individual desertions. It is true that the techno-military complex succeeded in swelling the ranks of the mercenaries: there is a price at which a particular mindset can be bought, whether with money, success, the feeling of power, or the excitement of playing with fancy toys while chasing what state propaganda labels “the enemy.”
👉🏼 Read more:
https://crimethinc.com/2018/06/05/hackback-talking-with-phineas-fisher-hacking-as-direct-action-against-the-surveillance-state
👉🏼 Regarding: Massive Hack Strikes Offshore Cayman National Bank and Trust
https://t.iss.one/BlackBox_Archiv/716
#PhineasFisher #hacker #HackBack #Interview
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Hacking as Direct Action against the Surveillance State
We spoke with the world-famous hacker persona and self-proclaimed anarchist revolutionary Phineas Fisher about the politics behind their attacks on the surveillance industry, the ruling party in Turkey, and the Catalan police. Here follows a retrospective on the exploits of Phineas Fisher, followed by their remarks to us.
Hacking is often depicted as something technical, a simple matter of attack and defense. Yet motivations are everything. The same technique that builds oppressive tools can be used as a weapon for emancipation. Hacking, in its purest form, is not about engineering: it is about leveraging power dynamics by short-circuiting technology. It is direct action for the new digital world we all live in.
In the shadows of the techno-empire, the hacking scene became a target for cooptation and infiltration. But the underground cannot be eradicated: from time to time, a new action breaks through the surface. Some of the hackers we admire are coders who produce tools for online privacy and anonymity. Other crews create and distribute alternative media. And then there are those who hack back.
The Lost Hacker Circles
It is no secret, for anyone paying attention, that for a long time the hacker underground was also taking sides in the ongoing war. Yet the effervescence that characterized the underground DIY scene of the past few decades has died down, or at least receded to less visible places.
Pessimists mourned the death of hacker communities in a proliferation of individual desertions. It is true that the techno-military complex succeeded in swelling the ranks of the mercenaries: there is a price at which a particular mindset can be bought, whether with money, success, the feeling of power, or the excitement of playing with fancy toys while chasing what state propaganda labels “the enemy.”
👉🏼 Read more:
https://crimethinc.com/2018/06/05/hackback-talking-with-phineas-fisher-hacking-as-direct-action-against-the-surveillance-state
👉🏼 Regarding: Massive Hack Strikes Offshore Cayman National Bank and Trust
https://t.iss.one/BlackBox_Archiv/716
#PhineasFisher #hacker #HackBack #Interview
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN