Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Carderprofit.cc Was FBI Carding Sting, Nets 26 Arrests

Unknown Lamer posted more than 2 years ago | from the crime-pays-but-then-prison dept.

Crime 181

tsu doh nimh writes in with news of a major sting operation against carders. From the article: "The U.S. Justice Department today unveiled the results of a two-year international cybercrime sting that culminated in the arrest of 26 people accused of trafficking in hundreds of thousands of stolen credit and debit card accounts. Among those arrested was an alleged core member of 'UGNazi,' a malicious hacking group that has claimed responsibility for a flood of recent attacks on Internet businesses." The trick: the FBI ran a carding forum as a honeypot.

Sorry! There are no comments related to the filter you selected.

The trick? (2, Insightful)

Rakshasa-sensei (533725) | more than 2 years ago | (#40466963)

FBI created some criminals.

Re:The trick? (2)

Cryacin (657549) | more than 2 years ago | (#40467015)

Geez, next you'll tell me that using dodgy sites through Tor to buy illegal crap with bitcoins mailed to your home address is a bad idea.

Re:The trick? (0)

Anonymous Coward | more than 2 years ago | (#40467113)

You mail it to an adversary instead.

Re:The trick? (3, Insightful)

mikael_j (106439) | more than 2 years ago | (#40467211)

If you're talking about Silk Road then I'm sure the authorities are pretty annoyed by it since at least here in Sweden they can't really do much if they somehow intercept a package containing drugs, weapons or some other contraband at the border and they can't follow the money or otherwise tie it to you (and it being addressed to you doesn't count since if it did you could just mail a few illegal items to anyone you wanted and tell the cops those people were expecting packages containing said illegal items).

Re:The trick? (5, Insightful)

L4t3r4lu5 (1216702) | more than 2 years ago | (#40467727)

The Silk Road thing set off my tin foil hat alarm. If I were a TLA, there's no way I'd openly admit that there was a way to be completely out of their reach.

$5 says Tor, or at least Silk Road is compromised, or maybe even a honeypot itself. If you were into the kind of thing they're in to, and a little short on the brain cell front, wouldn't you flock to the "Guaranteed safe by the FBI!" places?

Re:The trick? (0)

Anonymous Coward | more than 2 years ago | (#40467737)

Same here in the U.S. Imagine how many politicians would be receiving pure smack?

Re:The trick? (2)

arth1 (260657) | more than 2 years ago | (#40467773)

Same here in the U.S. Imagine how many politicians would be receiving pure smack?

Imagine how many of them would use it.
Imagine us not noticing any difference.

Re:The trick? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40467071)

FBI created some criminals.

Sure they did. Those poor innocents, tricked into doing something they weren't already doing.

Re:The trick? (1, Interesting)

X.25 (255792) | more than 2 years ago | (#40467179)

Sure they did. Those poor innocents, tricked into doing something they weren't already doing.

They spent 2 years trying to bait 26 idiots, instead of chasing real criminals.

You don't seem to understand the difference.

Re:The trick? (1)

Anonymous Coward | more than 2 years ago | (#40467265)

you act as if an entire force was dealing with the website instead of being on the street. I would assume that a street cop is not freelancing as a techie building websites. lets be real they only needed one tech to do this entire op (did they only use 1 prob not, but they only needed one) and if it was only 26, they probably didnt do any tricking, other than letting them do their own thing.

Re:The trick? (2)

sl4shd0rk (755837) | more than 2 years ago | (#40467313)

They spent 2 years trying to bait 26 idiots, instead of chasing real criminals.

Hey, but at least they got UGNazi.

Real criminals? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40467401)

Real criminals? If they were actually using credit card information to make illegal purchases, they ARE real criminals! Just because you don't have to mug someone to get his wallet doesn't matter. At least when you are mugged (assuming you don't have to go to the hospital) you know your personal information has been stolen. When your personal information is stolen via the computer, you often don't learn about it until the big bills start to pile up. Also, a mugger usually steals only hundreds (maybe thousands) a credit card thief usually starts at that point and goes up from there. In terms of money lost, we went the FBI to go after them and the thieves running the big banks and Wall Street. Let the local police deal with the muggers.

Re:The trick? (5, Insightful)

MickyTheIdiot (1032226) | more than 2 years ago | (#40467421)

This is much more of a real crime than "piracy." Good on them for getting some people actually causing harm.

Re:The trick? (1)

i_ate_god (899684) | more than 2 years ago | (#40467427)

26 idiots who could cost the economy how much in damage?

Re:The trick? (3, Insightful)

alen (225700) | more than 2 years ago | (#40467451)

this is how law enforcement works, you take down one criminal conspiracy at a time.

Re:The trick? (0)

Anonymous Coward | more than 2 years ago | (#40467503)

this is how law enforcement works, you take down one criminal conspiracy at a time.

But but everyone knows only tin-foil hatters believe in comspiracies!

Oh wait that's government that is immune to all conspiracies. Ill gotten money would tempt ppl to make a conspiracy. Somehow ill gotten money+power never does. And you're a fool to believe otherwise.

Re:The trick? (3, Interesting)

DrXym (126579) | more than 2 years ago | (#40467635)

So why were people dealing in large volumes of stolen credit cards not "real criminals" then?

Re:The trick? (2)

TheDarkMaster (1292526) | more than 2 years ago | (#40467961)

Many times you need time to get sufficient evidence (and most important, proof) that "Joe" is a criminal. And idiots or not, they are still criminals and need to be arrested.

so... (2)

circletimessquare (444983) | more than 2 years ago | (#40468267)

who qualifies as a criminal, exactly, by your interesting standards

Re:The trick? (1)

TapeCutter (624760) | more than 2 years ago | (#40468297)

You don't seem to understand the difference.

Any lack of understanding in the above thread, is all yours.

Re:The trick? (1)

Stan92057 (737634) | more than 2 years ago | (#40468341)

You must be a member of Anonymous or Lulz. Nothing else make since.

Re:The trick? (3, Informative)

Anonymous Coward | more than 2 years ago | (#40467779)

PROTIP: In Germany, that behavior is illegal for a reason.
The very same reason, the content Mafia can’t set up file sharing servers and downloads, and then sue people for downloading that.
It means you are part of the crime. (But hey, the FBI is used to that like no other...)
And that means you can't sue, without incriminating yourself too.

Yes, this not also counts for the police, but counts ESPECIALLY for the police, which is held to a higher standard.

Re:The trick? (4, Informative)

arth1 (260657) | more than 2 years ago | (#40468015)

PROTIP: In Germany, that behavior is illegal for a reason.
The very same reason, the content Mafia canâ(TM)t set up file sharing servers and downloads, and then sue people for downloading that.
It means you are part of the crime. (But hey, the FBI is used to that like no other...)
And that means you can't sue, without incriminating yourself too.

No, while both are illegal, it's for different reasons. One is called "unclean hands", and the other is called "entrapment".

If VISA had set up a site and participated in hacking VISA cards, they would have unclean hands. It would change their status.

If a three letter agency does the same, and it causes people who otherwise would not have done that particular crime to do it, it's called entrapment. It would change the suspect's status.

Re:The trick? (4, Informative)

Burning1 (204959) | more than 2 years ago | (#40468483)

If a three letter agency does the same, and it causes people who otherwise would not have done that particular crime to do it, it's called entrapment. It would change the suspect's status.

This is a common and incorrect understanding of entrapment. It's entrapment if the FBI tells you to steal credit cards, and then arrests you for it. It is not entrapment if the FBI makes credit cards available to be stolen, and then arrests you for it stealing them, The former is an example of the FBI pressuring you to do something you wouldn't have done. The latter is an example of the FBI facilitating you to do something you would have done, given an opportunity.

Entrapment: You should hire that hitman to kill your wife.
Not entrapment: I'm a hitman. Do you want to kill your wife?

Re:The trick? (4, Informative)

arth1 (260657) | more than 2 years ago | (#40468683)

This is a common and incorrect understanding of entrapment.

One shared by the Supreme Court Of The United States.
They incorrectly claim that the prosecution must overcome a "subjective test" by showing the defendant had a predisposition to commit the crime in any event, even if the law enforcement operatives had not been present.

https://supreme.justia.com/cases/federal/us/287/435/case.html [justia.com]
https://supreme.justia.com/cases/federal/us/503/540/case.html [justia.com]

I think you need to go teach these justices the errors of their ways.

Re:The trick? (1)

arth1 (260657) | more than 2 years ago | (#40467887)

Sure they did. Those poor innocents, tricked into doing something they weren't already doing.

If they had evidence that they were already doing something illegal, they should have arrested them on that evidence.

Entrapment is mostly illegal, and can only be used when it can be shown that the crime would occur by the same defendant whether or not the police was involved.
If any of the 26 might not have committed the crime if it wasn't for the FBI's web site, the case should fall.

Also see http://en.wikipedia.org/wiki/Jacobson_v._United_States [wikipedia.org]

Re:The trick? (5, Informative)

Lashat (1041424) | more than 2 years ago | (#40468055)

This is not automatically entrapment. The sting is just like a drugs for sale or prostitution on a street corner. Undercover cop wearing a wire and being videotaped by concealed police sits on stragetic street corner known to be hot with drugs or prostitution. The undercover cop is dressed to bait the individual seeking the drugs/services they believe the undercover is there to provide. When the individual atempts to solicit for purchase the drugs/services they are arrested for that crime.

It is only entrapment if the person is induced to commit a crime "he or she is not previously disposed to commit".
http://legal-dictionary.thefreedictionary.com/entrapment [thefreedictionary.com]

An important and often argued point.

So, I guess, if FBI does it, (0, Troll)

BanHammor (2587175) | more than 2 years ago | (#40466965)

Then it is not illegal.

Re:So, I guess, if FBI does it, (5, Informative)

plover (150551) | more than 2 years ago | (#40467785)

Then it is not illegal.

It's called undercover police work, and undercover police work is perfectly legal, including the commission of various non-violent crimes required to maintain their cover.

The cops weren't out there having TVs shipped to their houses and not documenting them so the victims wouldn't be reimbursed. They were hosting a forum, and made it look like other similar on-line criminal hangouts. When real criminals arrived, they maintained the forum long enough to accumulate enough evidence (IDs of suspects, records of criminal activity), then rolled them up.

They did their jobs, successfully.

Re:So, I guess, if FBI does it, (1)

linuxwebadmin (694411) | more than 2 years ago | (#40467937)

+1

Re:So, I guess, if FBI does it, (2)

Tanktalus (794810) | more than 2 years ago | (#40468307)

It's been long known that the best way to catch a criminal is to pretend to be one. (Some might argue that the government is already doing a damned good job of that.) Getting them to show their hand (having a cop as a witness to the crime) and/or confess their misdeeds voluntarily is pretty much the best way to get a conviction.

This is why you get undercover cops buying drugs, joining gangs, etc. Stings are perfectly legal, and, if they follow the rules as laid out by the courts, seem pretty reasonable. As long as the cops don't entice someone into committing a crime, they're clear. Pretending to be a fence and accepting stolen goods is not entrapment, but pretending to be a fence and telling someone to steal something to sell to you is. If "carderprofit.cc" merely accepted the trade of stolen card info, it's a sting. If they recruited people to target specific venues ("I hear ebay.ca's admin password is XXXX, why don't you nab us some of those cards?"), that's entrapment.

So, no, it's not illegal.

Ah oh (0)

Anonymous Coward | more than 2 years ago | (#40466985)

Just use a card from there to sign up for a premium account over at downloadallyouwantwhichyouconfessisafederalcrime.cc

the fact that this worked is (3, Interesting)

nopainogain (1091795) | more than 2 years ago | (#40466991)

HILARIOUS.. I mean it reminds me of the dick-tracy parody bugs bunny cartoon yeaaaaaars ago where the villains' hideout was marked by a blinking marquee and neon signs that said "secret hideout" or something. how dumb are the criminals that fall for this?

Re:the fact that this worked is (1)

alen (225700) | more than 2 years ago | (#40467143)

most criminals are dumb. its just that unless its a violent crime most times the cops ignore you if you're a loner. once you set up an organization that starts costing businesses a lot of money you get noticed.

the people involved are dumb

EVERYTHING is tracked
if you're a checkout drone everything is tracked. everyone knows which purchases you ring up. if there is a rash of CC fraud the first thing people will do is look in the computer for similarities and guess what, they will find that by some strange coincidence 20 different compromised CC cards were used to make purchases by the same cashier. or at the same restaurant or whatever.

Re:the fact that this worked is (1)

mcgrew (92797) | more than 2 years ago | (#40468505)

most criminals are dumb.

Then why are 90% of crimes unsolved? No, most criminals who get caught are dumb. Look how long Madoff got away with his multibillion dollar Ponzi scheme.

They're not dumb, they just have no morals.

Re:the fact that this worked is (1)

wiredog (43288) | more than 2 years ago | (#40467701)

how dumb are the criminals that fall for this?
If they were smart, they wouldn't become criminals. Most criminals are somewhat less than bright.

Re:the fact that this worked is (1)

arth1 (260657) | more than 2 years ago | (#40468415)

If they were smart, they wouldn't become criminals.

Non sequitur.
If they were smart criminals, they wouldn't get caught.

Re:the fact that this worked is (1)

SuricouRaven (1897204) | more than 2 years ago | (#40468423)

Or perhaps only the dumber ones get caught. The smart ones can get away with it.

Re:the fact that this worked is (2)

mrops (927562) | more than 2 years ago | (#40468157)

I recalled watching some program where robber handed out a "hand me all your money" note on the back of his medical prescription.

Over time I realized that majority of these petty thief are doing what they are doing because they are too dumb or lazy to do anything else.

I mean it takes certain kind of an idiot to do stupid crime, the smart ones become bankers.

Re:the fact that this worked is (0)

Anonymous Coward | more than 2 years ago | (#40468669)

Snakeyes. Ah! 88 teeth! Oh! Hammerhead! Oh no! Pussycat, Pussycat Puss. Batman! Double Header! P-p-pickle Puss. P-p-ph-Pumpkinhead! Neon Noodle! Guh. Jukebox Jaw! Wolfman!

HE a Nazi let get him (0)

Anonymous Coward | more than 2 years ago | (#40466997)

HE a Nazi let get him

Huh? (-1)

Anonymous Coward | more than 2 years ago | (#40466999)

I thought these faggets used tor and their own private peer-to-peer encrypted chat protocols. These weren't "real criminals". This were just feel-good arrests by our sociopaths "justice system".

So, now we know! (1)

Anonymous Coward | more than 2 years ago | (#40467027)

Now we have the answer: the FBI has been uploading copyrighted/illegal content to p2p networks to create leechers!

Hmm (2, Funny)

Anonymous Coward | more than 2 years ago | (#40467033)

Why does Avast WebRep have 3 red bars for justice.gov?

honeylover (0)

Anonymous Coward | more than 2 years ago | (#40467095)

OMJ im stick on the pot.. help me out!!

No this isnt entrapment (1, Insightful)

Anonymous Coward | more than 2 years ago | (#40467099)

If you think it is, you are an idiot that has no clue what the term entrapment means.

Re:No this isnt entrapment (5, Informative)

sohmc (595388) | more than 2 years ago | (#40467225)

A quick primer on entrapment:

If you are trolling Drug Dealer Drive for drugs and you happen to ask a undercover agent for drugs, you are guilty.

If a undercover agent posing as a drug dealer comes to you out of the blue and says that you need to buy his drugs so that he can help his sweet grandmother beat cancer, that's entrapment.

The difference is that in the first example, you were already out with the intention of doing something illegal. The second example you were approached by LEO and convinced to do something you normally wouldn't do.

IANAL and I'm sure each jurisdiction has it's own definition of entrapment but this is the jist.

Re:No this isnt entrapment (1)

HideyoshiJP (1392619) | more than 2 years ago | (#40467449)

Hey, I live on Drug Dealer Drive! I can't believe that neighborhood has gone so far downhill...

Re:No this isnt entrapment (-1)

Anonymous Coward | more than 2 years ago | (#40467541)

The second still isnt entrapment. If the drug deal/agent held a gun to your head and said 'buy my drugs or die', that is entrapment.

Re:No this isnt entrapment (1)

bill_mcgonigle (4333) | more than 2 years ago | (#40467733)

Yeah, that's how the courts used to decide this, but not anymore. [nytimes.com]

Re:No this isnt entrapment (1)

vlm (69642) | more than 2 years ago | (#40467299)

If you think it is, you are an idiot that has no clue what the term entrapment means.

How the heck do you get a +3 insightful without bothering to explain why or even a cut and paste of the def?

I am not a lawyer blah blah. Some /.ers are, and will probably make fun of my definition, or even call me an idiot. Thats OK, that stuff makes me laugh. But the one line summary is: entrapment requires persuasive leadership by .gov not merely an announcement that ".gov is open for business!". The standard /. car analogy is walking onto the lot of your own free will with your own idea of buying a car is not like entrapment via the salesman. On the other hand, your boss at work, tracks you down at home, is the first to suggest the idea of buying a car from him, argues with you for hours until you finally give in and agree to buy a car even though you don't really want to and never wanted to, that is what entrapment is like. Maybe another way to put it, is if Mr .gov was not working for .gov, his behavior would be described as leadership/blackmail/intimidation/salesmanship, but if a law enforcement officer does it, its called entrapment.

Re:No this isnt entrapment (1)

arth1 (260657) | more than 2 years ago | (#40468541)

But the one line summary is: entrapment requires persuasive leadership by .gov not merely an announcement that ".gov is open for business!".

No, it doesn't have to be persuasive, it's enough that's inciting. If there is no evidence that the person would not have committed a crime of the same nature without the presence or actions of the , it's entrapment.

See http://en.wikipedia.org/wiki/Jacobson_v._United_States [wikipedia.org]

Re:No this isnt entrapment (5, Informative)

Sarten-X (1102295) | more than 2 years ago | (#40467457)

Here's what entrapment is [tumblr.com] , as explained by a lawyer, in an appropriately visual format to appease the attention span of most Slashdotters.

Re:No this isnt entrapment (0)

Anonymous Coward | more than 2 years ago | (#40468021)

That awkward moment, when you suggest the mindset of a lawyer as a moral guide... *facepalm*

Re:No this isnt entrapment (1)

Sarten-X (1102295) | more than 2 years ago | (#40468139)

This is a legal matter, not a moral one.

Re:No this isnt entrapment (0)

Anonymous Coward | more than 2 years ago | (#40468525)

Well, the only entertaining thing about this comic is that it apparently was made in a bizarrely prude culture where prostitution is illegal.

Waste of time (5, Insightful)

benjfowler (239527) | more than 2 years ago | (#40467145)

The carders they busted are low-life amateurs, not serious criminals. I'm sure the FBI and friends will milk this for all it's worth, but it's the equivalent of nicking a couple of shoplifters while at the same time, Mexican drug lords are burning down the entire city.

Come and wake me up when they bag some REAL criminals, like the big Russian gangsters robbing SMEs out of hundreds of millions per annum.

The real criminals are untouched -- and untouchable.

Re:Waste of time (1)

Anonymous Coward | more than 2 years ago | (#40467303)

I had no idea soy methyl esters were so profitable.

It's self-promotion .... (3, Insightful)

King_TJ (85913) | more than 2 years ago | (#40467351)

Of course the parent poster is right... I'd imagine any serious credit card thief would be operating through Tor, doing anonymous payment with something like Bitcoin, and not even fooling around with signing up on new sites of unknown/unverified origins.

But this is pretty typical for the FBI. They're as interested in the P.R. as anything else. They need to show they're making arrests and giving the news media something positive to print. It helps ensure their continued funding for the division handling these high-tech crimes and they probably also figure it's a deterrent to beginners, who could become tomorrow's elite card thieves otherwise.

Re:It's self-promotion .... (1)

DrXym (126579) | more than 2 years ago | (#40467685)

No, it's typical of the FBI to pursue criminals, gather evidence and secure convictions. You might not think these thieves were serious or maybe they were just dumbasses but they were still thieves. After all they traded 400,000 stolen credit cards.

Re:Waste of time (2)

Hatta (162192) | more than 2 years ago | (#40467371)

Come and wake me up when they bag some REAL criminals, like the big Russian gangsters robbing SMEs out of hundreds of millions per annum.

Or Lloyd Blankfein or John Corzine.

Re:Waste of time (5, Insightful)

phantomfive (622387) | more than 2 years ago | (#40467623)

People who've stolen hundreds of thousands of credit card numbers are worth arresting, even if there are other people who are worse.

Re:Waste of time (2)

John Bokma (834313) | more than 2 years ago | (#40467805)

I live in Mexico (born in the Netherlands). While there was a shoot out in a neighbourhood very close to ours about a year and a half ago, I suffer right now much more from actual criminals as in Banamex, the so called National Bank of Mexico.

Back in November my bank card got stolen, a card with a nice but meaningless MasterCard [1] logo. It got cloned before the theft was even discovered (piss poor security on those cards) and used to shop in 2 different locations, in total around 2000 USD of goods, including 2 iPads. No problem, you would think, the bank is insured for such events. Right, think. When we tried to report this to Banamex we were told there are 2 ways to report such fraudulent transactions: by phone, or by filing in forms. The later would take 90 (!!) days to be processed.

Of course we went for the phone options.... But after 4 hours (!) we still hadn't been able to talk to someone who actually could process our report. One would think that my inability to speak Spanish had something to do with all this, but no. It's just the piss poor service of Banamex. We later found out that cloning happens a lot in Mexico, and the bank who does the least about this (paying out insurance money) is Banamex...

Nearly 8 months later, still no money. The only option seems to be to go to CONDUSEF, and organization that mediates in cases of disputes between banks and customers (or something like that, translation is most likely: paper pushing at the same level as PROFECO). But from what I understand (and maybe I got this wrong) one has to go to a "nearby" office of CONDUSEF to talk with, in my case, a representative of Banamex. Nearby as in Veracruz, 2+ hours of travel.

Mexican drug lords? Corruption? Nah, the real problem are not the "banditos" in Mexico, but organizations posing as legal but thieving from the poor and not so poor. Probably like how things go in many other countries as well.

Twenty six arrests? Just panem et circenses.

[1] I contacted MasterCard USA, since I guess they license their piss poor products to banks like Banamex. Several times over the period of a month I was told they would "escalate" things. Riiiiggght. Banamex = paying customer, while I am just a nobody; a milk cow.

Re:Waste of time (0)

Anonymous Coward | more than 2 years ago | (#40468121)

Mexican drug lords? Corruption? Nah, the real problem are not the "banditos" in Mexico, but organizations posing as legal but thieving from the poor and not so poor.

Let us know when your bank starts decapitating people.

Re:Waste of time (2)

TheDarkMaster (1292526) | more than 2 years ago | (#40468197)

Paraguay is a country where your credit card is cloned / stolen by default. Fortunately when I left this junk country I suspected and immediately canceled the card and asked for another.

Re:Waste of time (0)

Anonymous Coward | more than 2 years ago | (#40467891)

you might feel differently if it was your cc, ID and funds that were compromised by these low life thieves. If the FBI can take these thugs out before they turn into larger crooks, then so be it.
   

Re:Waste of time (2)

plover (150551) | more than 2 years ago | (#40468227)

Crime is crime. Since there's more than enough crime to go around for the resources available to fight it, that means the fighting has to be prioritized. But it doesn't mean all low level crimes are completely ignored while the biggest crimes get 100% of the resources.

The fight against carders is statistical. While it's more of a "nuisance" crime to the hundreds of thousands of people who have to disrupt their lives cleaning up their credit messes, the total loss from those hundreds of thousands of individual crimes adds up to a significant financial theft from the banks who have to reimburse those victims.

The DOJ already spends billions of dollars on the War on Drugs. They can afford to spend a few hundred thousand on a sting that pulls many millions of dollars worth of criminals off the streets.

Re:Waste of time (1)

StormReaver (59959) | more than 2 years ago | (#40468327)

Come and wake me up when they bag some REAL criminals...

And risk getting their funding cut?

honeypot detect? (2)

j00r0m4nc3r (959816) | more than 2 years ago | (#40467253)

Ok, this is a purely curiosity-based question, and I know there's lot of web security people roaming around here. How would you actually detect that a website like this is a honeypot?

Re:honeypot detect? (0)

Anonymous Coward | more than 2 years ago | (#40467287)

You wouldn't.

Re:honeypot detect? (4, Funny)

gv250 (897841) | more than 2 years ago | (#40467385)

How would you actually detect that a website like this is a honeypot?

The 6:00 AM knock on your door.

Re:honeypot detect? (1)

PenquinCoder (1431871) | more than 2 years ago | (#40467667)

FBI and other US officials like the 'Operation 4:00AM knock on the door' better. at 6:00AM, some people are actually you know, already awake to start their day. Much less likely at 4:00AM; Path of least resistance.

Re:honeypot detect? (2)

Hatta (162192) | more than 2 years ago | (#40467429)

I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.

Re:honeypot detect? (0)

Anonymous Coward | more than 2 years ago | (#40467603)

I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.

The attribution you were too lazy to supply? Charles Babbage, when asked if wrong figures put into his machine would result in correct answers.

Garbage in, garbage out.

Re:honeypot detect? (1)

Hatta (162192) | more than 2 years ago | (#40468249)

Yeah, I figured it would be obvious to this crowd. But it's a bit of hyperbole on reflection. I think I can rightly apprehend the confusion of ideas. GP post wants a technical means to determine the intent of a social system.

Re:honeypot detect? (1)

PPH (736903) | more than 2 years ago | (#40467499)

They all are. So stay in your mom's basement and don't go using credit card numbers you've found on line.

Re:honeypot detect? (0)

Anonymous Coward | more than 2 years ago | (#40467597)

Ok, this is a purely curiosity-based question, and I know there's lot of web security people roaming around here. How would you actually detect that a website like this is a honeypot?

Well, I for one, watch out for for these users: FlowersByIrene, FutureBusinessInventor, FloatyBeeInjections, FalseBuyerIncognito

Re:honeypot detect? (1)

Fnord666 (889225) | more than 2 years ago | (#40467609)

Ok, this is a purely curiosity-based question, and I know there's lot of web security people roaming around here. How would you actually detect that a website like this is a honeypot?

If all of the email addresses in the DNS entry go to fbi.gov, it might be a honeypot.
If the server ip addresses are in the fbi.gov ip block, it might be a honeypot.
Feel free to add others!

Re:honeypot detect? (4, Funny)

Bill, Shooter of Bul (629286) | more than 2 years ago | (#40467693)

That is a very good question. Here are some tips..

If the tcp packets coming back to you are mysteriously lacking in honey ... it might be a honey pot.
If their is a slight buzzing comming from your network connection... it might be a honey pot.
If swarms of bees, bears, or badgers appear around your computer .... it might be a honey pot.

Or you might be playing The Secret World (1)

SmallFurryCreature (593017) | more than 2 years ago | (#40467983)

Join the bee people!

Re:honeypot detect? (4, Funny)

tobiasly (524456) | more than 2 years ago | (#40468093)

$> dig carderprofit.cc
;; QUESTION SECTION:
;carderprofit.cc.               IN      A

;; ANSWER SECTION:
carderprofit.cc         78003   IN      CNAME   fbi.gov.
fbi.gov                 78003   IN      A       72.21.81.85

Re:honeypot detect? (2)

belthize (990217) | more than 2 years ago | (#40468379)

This is close, if dig returns a result at all be wary. You can never be sure but do you really want to be discussing illegal activities at a site hosted on Amazon Web Services (dig actually returns awsdns though that's probably synonymous with fbi.gov in this case) vs some dark net address.

Re:honeypot detect? (1)

SuricouRaven (1897204) | more than 2 years ago | (#40468487)

If it's done well, you wouldn't. There is the chance someone at the FBI will slip up though - maybe use an IP address that is in the same allocation as other FBI public servers, or something like that. But if they don't, then there is no way to prove it *isn't* a honeypot.

low hanging fruit (1)

DarthVain (724186) | more than 2 years ago | (#40467271)

I'm gonna go out on a limb (sorry about the pun) and say that all they got were low hanging fruit.

I mean the criminal would have to be pretty dumb to actual use said service.

This is making criminals, if such a service wasn't available, likely these dullards wouldn't have a way to break the law (at least in this context).

Anyway I doubt this has improved the world in any appreciable way.

Re:low hanging fruit (1)

slazzy (864185) | more than 2 years ago | (#40467561)

This might be true, but they can use them to follow the chain up to the bigger criminals or at least get clues as to who they are.

Re:low hanging fruit (1)

Brewster Jennings (2642639) | more than 2 years ago | (#40467839)

That is the inevitable result of any operation this large: you catch the most careless, least intelligent, or unlucky criminals. However, people breaking the law don't operate in a vacuum; if the Age of Facebook has taught us anything, it's that everyone is connected to people on a much larger scale than we would have believed. Investigators will have terabytes of information to review, and this will in turn lead to arrests of associates, or at the very minimum put previously undetected criminals on the radar. The disruption to the identity theft/fraud industry could be significant. Even the news itself of the operation could have that effect.

Re:low hanging fruit (1)

TheDarkMaster (1292526) | more than 2 years ago | (#40468053)

When you tolerate the small criminals, they sooner or later become major criminals. And as another commenter posted, you can follow the little ones to find the big ones.

Re:low hanging fruit (0)

Anonymous Coward | more than 2 years ago | (#40468543)

I'm gonna go out on a limb (sorry about the pun) and say that all they got were low hanging fruit.

You seem to be suggesting it's a bad thing.

I say it's a good thing they catch criminals, no matter how stupid or how smart the criminals are. The more criminals they catch, the better it is. (And we now have enough laws to make almost everyone a criminal, so there will be more arrests coming.)

Ron Paul bee (1)

Quakeulf (2650167) | more than 2 years ago | (#40467291)

One can only hope FBI does not turn out to run 4chan as a sting operation...

Re:Ron Paul bee (1)

Anonymous Coward | more than 2 years ago | (#40467367)

moot's already demonstrated that he keeps access records and provides them to the Court - see the Palin e-mail affair.

As to "Carderprofit", I guess you have two options:

1) Go after dangerous, significantly harmful criminals who wouldn't dream of socialising on some mysterious forum which just popped up somewhere; or

2) Create site which trains up a few naive, dumb people in credit card fraud, and allow them to commit non-victimless crimes for a couple of years. Then arrest them and announce you're doing something useful.

Since CC fraud is profitable for banks, as the merchant has to pay up, I am fairly sure that the FBI's remit is to ensure that CC fraud continues.

Re:Ron Paul bee (0)

Anonymous Coward | more than 2 years ago | (#40467687)

Long-term, CC fraud is a negative to banks, since increased costs associated with using a credit card lead to merchants either deciding to no longer accept credit cards or to apply increased fees to their customers to use them, causing the customer to avoid them. You already see this happening with gas stations.

Re:Ron Paul bee (0)

Anonymous Coward | more than 2 years ago | (#40467823)

see the Palin e-mail affair.

And the football stadium threat and various kiddy porn reports etc etc.

Re:Ron Paul bee (0)

Anonymous Coward | more than 2 years ago | (#40468755)

Yep, it's an either/or situation. The FBI cannot possiblly be doing both or we'd know about it. Just like the posters above asked "why isn't the FBI going after real criminals?" Why did they use all of their resources and manpower and just these 26 people? Government waste at its worst. Well, now I wonder what single operation every single person in the FBI will be working on since they can't do more than one thing at a time apparently.

Don't you think that number 1 requires more secrecy considering the expertise of the criminals involved? Wouldn't annoucing your work make it harder to follow the criminals and route out the entire structure? I guess not. The FBI should just announce what it's doing at all times and give real time updates on all operations. Not the strategy I'd go with, but I'm not the FBI director like you must be.

26.. That's all? (0)

Anonymous Coward | more than 2 years ago | (#40467331)

Twenty-six small time nobodies and they parade it around no national media. I wonder how many man-hours and millions of dollars was spent on this lame op.

Good for them (2)

Madman (84403) | more than 2 years ago | (#40467335)

I for one am happy that law enforcement is finally figuring out how to apply traditional police work to the internet successfully. It's the good old-fashioned sting made digital.

Lol. (0)

Anonymous Coward | more than 2 years ago | (#40467489)

The trick: the FBI ran a carding forum as a honeypot.

The lesson: don't be a retard and brag about your illegal activities online.

Meanwhile fraud-ring-in-hacking-attack-on-60-banks (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40468029)

http://news.sky.com/story/952931/fraud-ring-in-hacking-attack-on-60-banks

Re:Meanwhile fraud-ring-in-hacking-attack-on-60-ba (1)

Anonymous Coward | more than 2 years ago | (#40468081)

Maybe I should have put it in BOLD? will it get an up vote by the blackhat SEO mods?

Re:Meanwhile fraud-ring-in-hacking-attack-on-60-ba (0)

Anonymous Coward | more than 2 years ago | (#40468225)

MASSIVE CYBER RAID HITS 60 BANKS; $75 MILLION STOLEN
Nobody playing with the feds on cardprofit.cc could see or predict this one coming.
It's not enough to point out banksters and predict catastrophe.
They actually must be stopped.

broken oaths mean nobody obeys any law, it means lawless.

Re:Meanwhile fraud-ring-in-hacking-attack-on-60-ba (1)

Anonymous Coward | more than 2 years ago | (#40468361)

WHAT NO FUCKING COMMENTS?

The automated malicious software programme (program, love that English accent) was discovered to use servers to process thousands of attempted thefts from both commercial firms and private individuals.
The stolen money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro (£80,000) at a time.
Credit unions, large multinational banks and regional banks have all been attacked.
Sky News defence and security editor Sam Kiley said: "It does include British financial institutions and has jumped over to North America and South America.
"What they have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.
"It can get around some of the mechanisms that alert the banking system to abnormal activity."
The details of the global fraud come just a day after the MI5 boss warned of the new cyber security threat to UK business.
McAfee researchers have been able to track the global fraud, which still continues, across countries and continents.
"They have identified 60 different servers, many of them in Russia, and they have identified one alone that has been used to steal 60m euro," Kiley said.
"There are dozens of servers still grinding away at this fraud – in effect stealing money."

The clip flashed a few video frames of 1.2 Billion Euro as a theft amount.

I say we de-activate the FBI if they won't obey their oaths

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?