Archive for the ‘From The DarkNet’ Category

The Phishing Guide: URL Obfuscation Attacks

Wednesday, June 21st, 2017
The secret for many phishing attacks is to get the message recipient to follow a hyperlink (URL) to the attacker’s server, without them realising that they have been duped.

Unfortunately phishers have access to an increasingly large arsenal of methods for obfuscating the final destination of the customer’s web request.

The most common methods of URL obfuscation include:

• Bad domain names

• Friendly login URL’s

• Third-party shortened URL’s

• Host name obfuscation

• URL obfuscation

Bad Domain Names

Read the rest of this entry »

Guide: The Art of Carding From the inFECTion Cookbook

Sunday, June 18th, 2017

Guide: The Art of Carding From the inFECTion Cookbook

Obtaining a credit card number: There are many ways to obtain the information needed to card something. The most important things needed are the card number and the expiration date. Having the card-holders name doesn’t hurt, but it is not essential. The absolute best way to obtain all the information needed is by trashing. The way this is done is simple. You walk around your area or any other area and find a store, mall, supermarket, etc., that throws their garbage outside on the sidewalk or dumpster. Rip the bag open and see if you can find any carbons at all. If you find little shreds of credit card carbons, then it is most likely not worth your time to tape together.

Find a store that does not rip their carbons at all or only in half. Another way is to bullshit the number out of someone.

That is call them up and say “Hello, this is Visa security and we have a report that your card was stolen.”

They will deny it and you will try to get it out of them from that point on.

You could say, “It wasn’t stolen? Well what is the expiration date and maybe we can fix the problem…. Ok and what is the number on your card?……Thank you very much and have a nice day.” Or think of something to that degree.

Another way to get card numbers is through systems such as TRW and CBI, this is the hard way, and probably not worth the trouble, unless you are an expert on the system. Using credit card numbers posted on BBS’s is risky. The only advantage is that there is a good chance that other people will use it, thus decreasing the chances of being the sole-offender. The last method of getting numbers is very good also. In most video rental stores, they take down your credit card number when you join to back-up your rentals. So if you could manage to steal the list or make a copy of it, then you are set for a LONG time. Read the rest of this entry »

The Phishing Guide Part 2 : Man-in-The-Middle

Saturday, June 17th, 2017

For a Phishing attack to be successful, it must use a number of methods to trick the customer into doing something with their server and/or supplied page content. There are an ever increasing number of ways to do this. The most common methods are explained in detail below, will include:

Man-in-the-middle Attacks

• URL Obfuscation Attacks

• Cross-site Scripting Attacks

• Preset Session Attacks

• Observing Customer Data

• Client-side Vulnerability Exploitation

I will go into more deatil about others in anouther post but today we are going to learn how to do Man-in-the-Middle attack

Man-in-the-middle Attacks One of the most successful vectors for gaining control of customer information and resources is through man-in-the-middle attacks. In this class of attack, the attacker situates themselves between the customer and the real web-based application, and proxies all communications between the systems. From this vantage point, the attacker can observe and record all transactions. This form of attack is successful for both HTTP and HTTPS communications. The customer connects to the attackers server as if it was the real site, while the attackers server makes a simultaneous connection to the real site. The attackers server then proxies all communications between the customer and the real web-based application server – typically in real-time. In the case of secure HTTPS communications, an SSL connection is established between the customer and the attackers proxy (hence the attackers system can record all traffic in an unencrypted state), while the attackers proxy creates its own SSL connection between itself and the real server.

Read the rest of this entry »

Buying Credit Cards on the Darknet

Tuesday, June 13th, 2017

Contributed by Mark.

Have you ever seen credit card marketplaces on deep web? Of course you have! But all of them are fake scam sites, yeah? Basically that’s right, but believe it or not, there are some legit sites too. I spent 3 months researching and got a lot interesting information that I wanted to share with you.

 

How does credit card fraud works?

There are multiple ways for getting the cards. Most known way is stealing card data with card skimmer and recording card PIN with some “spy”camera. Card vendor inserts card data trough specific programs on card chip or stripe. Less known way is to partnership with card owner and sell working card duplicate to client. Because it happened due bank security breach, bank refunds money to card owner and everybody gets profit. Yet, there are still many other ways for card fraud. Read the rest of this entry »

Guide to Counterfeit Money From the inFECTion Cookbook

Monday, June 12th, 2017
Before reading this article, it would be a very good idea to get a book on photo offset printing, for this is the method used in counterfeiting US currency. If you are familiar with this method of printing, counterfeiting should be a simple task for you. Genuine currency is made by a process called “gravure”, which involves etching a metal block. Since etching a metal block is impossible to do by hand, photo offset printing comes into the process.

Photo offset printing starts by making negatives of the currency with a camera, and putting the negatives on a piece of masking material (usually orange in color). The stripped negatives, commonly called “flats”, are then exposed to a lithographic plate with an arc light plate maker. The burned plates are then developed with the proper developing chemical.

One at a time, these plates are wrapped around the plate cylinder of the press. The press to use should be an 11 by 14 offset, such as the AB Dick 360. Make 2 negatives of the portrait side of the bill, and 1 of the back side. After developing them and letting them dry, take them to a light table. Using opaque on one of the portrait sides, touch out all the green, which is the seal and the serial numbers. The back side does not require any retouching, because it is all one color. Read the rest of this entry »

Basic Hacking Tutorial 1 & 2 From The inFECTion Cookbook

Sunday, June 11th, 2017

From The Infection Cookbook

What is hacking?

According to popular belief the term hacker and hacking was founded at mit it comes from the root of a hack writer,someone who keeps “hacking” at the typewriter until he finishes the story.a computer hacker would be hacking at the keyboard or password works.

What you need:

To hack you need a computer equipped with a modem (a device that lets you transmit data over phone lines) which should cost you from $100 to $1200.

How do you hack?

Hacking requires two things:
1. The phone number
2. Answer to identity elements

How do you find the phone #?

Read the rest of this entry »

The Phishing Guide Part 1: Email and Spam

Saturday, June 10th, 2017

Phishing attacks initiated by email are the most common. Using techniques and tools used by Spammers, Phishers can deliver specially crafted emails to millions of legitimate “live” email addresses within a few hours (or minutes using distributed Trojan networks). In many cases, the lists of addresses used to deliver the phishing emails are purchased from the same sources as conventional spam.

Utilising well known flaws in the common mail server communication protocol (SMTP), Phishers are able to create emails with fake “Mail From:” headers and impersonate any organisation they choose. In some cases, they may also set the “RCPT To:” field to an email address of their choice (one which they can pickup email from); whereby any customer replies to the phishing email will be sent to them. The growing press coverage over phishing attacks has meant that most customers are very wary of sending confidential information (such as passwords and PIN information) by email – however it still successful in may cases.

Techniques used within Phishing emails:

• Official looking and sounding emails
• Copies of legitimate corporate emails with minor URL changes
• HTML based email used to obfuscate target URL information
• Standard virus/worm attachments to emails
• A plethora of anti spam-detection inclusions
• Crafting of “personalised” or unique email messages
• Fake postings to popular message boards and mailing lists
• Use of fake “Mail From:” addresses and open mail relays for disguising the source of the email

A Real-life Phishing Example

Read the rest of this entry »

Forbidden Snuff Film Culture in 1999

Thursday, June 8th, 2017

By Cyborg

<*> Lights, camera, action… from the upper echelons of the Hollywood party crowd to the violent neo nazi culture of eastern Europe to the urban underground market place on the streets of Thailand, snuff movies are all around us. Hidden deep in the murky depths of pornucopia. Everything has a dark underside, and although pornography is the sinister shadow of the mainstream movie business it too has a distorted mirror image. Snuff is infamous as the depth of human depravity.

For people who don’t know what a snuff movie is allow me to enlighten you. Snuff is more than murder caught on videotape (which is commonly referred to as mondo films) two other decisive factors are necessary. The first is that the primary motivation for the murder is production value, this means organized and intentional, at a point in the script the director has decided that somebody is killed. The second and most important is that the footage is being distributed commercially.

The big question surrounding snuff movies is whether they actually exist or not. Some say they are just urban legends. This is based on the old cliche that you don’t believe what you don’t see. No law enforcement authority has ever seized an actual real tape despite offered rewards of $25,000 no questions asked. Seeing as how I am here to bring you my views on the subject I would have to say that I think yes they do exist. Although I have never seen one I don’t feel that ignorance will solve such a problem. People have to be open to the fact that they might exist however unpleasant that may be.

Just where do people buy snuff movies? If you are wondering where you can get one then you are a sick asshole. It is generally thought that they are obtained, if you know who to ask, on the streets of New York. Another hotspot would be the black market in Bangkok. Advertisements have been found on street walls before. Here is an example:

“The film that could only be made in South America… where life is CHEAP!” Read the rest of this entry »

Basic Instructions to Carding By The DEA

Tuesday, June 6th, 2017

DEA PHILE NUMBER ONE! Welcome to the first of many DEA text philes. We at the DEA are committed to bringing you the highest quality, easiest to understand, most useful and interesting text philes! As most other groups have fallen apart, we are the group of the ’90s. Our homey board is Terminal Hallucinations, at 213/207-3145, now 14.4k bps, 200megs, active message bases! We hope to bring you much more fun and entertainment in the decade ahead! – DEA

d i s c l a i m e r

Neither the DEA nor the author of this phile encourage you to actually do what is described in this file. It is, of course, for educational purposes only!

Intro

—–

Carding is the very best way to get things totally free of charge. It’s also the best way to get sued for literally thousands of dollars. The careful carder would read this entire phile, and then make the right decision. To card, or not to card?

Getting The Card Number

Read the rest of this entry »

How to Torture Your Victim With Household items

Saturday, June 3rd, 2017

Aha! I don’t know how you made it or why you did it, but for some reason you got yourself a human inside a house that you have to get some information from. And the best way to do that is of course – torture! Unfortunately, our “civilized” culture doesn’t give you any items for torture so you’ll have to improvise…

This file can be used anytime. It requires that you have strapped the “victim” (haha) to a chair or equal preventing him from escaping when the light turns red.

  1. CHEMICALS

Your house is full of chemicals! Many of them are dangerous and can be used to achieve pain. Some examples: Ammonia, very strong and painful. Put a glass under his nose and make him smell it. He will probably be poisoned after a short while. Alcohol: Ahh…force him to drink things that makes him go drunk. When the liquid cabinet is empty, use common perfumes, roll-on, after-shave…all of them contains alcohol. Strong acids: Can be found in the basement. Give him a shower.

     2. THE SAUNA

Got yourself a sauna in the house? Great. Turn it on at maximum effect and throw the victim inside. He will talk in a few hours and drop dead after a few more. If your sauna got a good ventilating system, the floor can be rather cold so nail him to a chair to be sure of 100% effect. If he won’t talk anyway, open the door and burn his body to the hot stones. Talking about burning it leads us to…

     3. THE OVEN

Read the rest of this entry »

Page 5 of 9123456789