Every day I hear the angry roar of network mammoths "Oh, I was thrown on such and such a resource" Indeed, it is very easy to get to the scammer resource, while there are only a few sites with a good reputation and it is more difficult to get access to them than to the Masson lodge. To avoid such incidents, today I will give you a virtual tour of the most famous lairs of "black hats” and "crabs". Let's just agree right away that I'm not calling you to engage in illegal activities, and you're the only one responsible for your actions. Just note that no self-respecting information security specialist can do without access to such resources. Also, it would not be superfluous to remind you that such "clubs" are teeming with werewolves in uniform, pursuing self-serving and not very goals.
XSS (formerly DamageLab) is a large Russian — language resource. It even has a clearnet address that is still accessible from a Russian IP address. This is one of the first Russian-language forums for cybercriminals. Its predecessor, DamageLab, closed down after the arrest of one of its administrators in 2017. However, good people did not let the resource sink into oblivion: a former Exploit administrator purchased an XSS backup at the end of 2018 and has since turned the forum into a thriving and active community.
Link: Forum XSS.IS.
Among Russian carders, Verif is one of the most respected centenarians. It, like WWH, has become a kind of textbook for carders and a place for communication, searching for information and people needed for shadow work.
During the forum's existence, a lot of things have changed, only the dark blue lining remains the same, exactly in the style of the now deceased “mazafaki " model of the 2000s. Registration on the forum costs 50 US dollars, there is no possibility to register for free. But even after paying for access, it is problematic to operate on Verif, because carders are always wary of newcomers. One of the old-timers must first vouch for the newcomer — only then will they be able to start doing something on the forum. That is, even if the user has acquired full access to the forum, they will not be able to conduct business without a guarantee or deposit.
Verified Card Reader Forum (Onion).
One of the oldest resources on the Runet, dedicated mainly to hacker topics. It has been running continuously since 2005, and many attackers and observers consider it the platform with the most experienced cybercriminals.
Registration costs $100, but unlike "Verif", there is also a free option. To do this, the user must either provide the administration with a link to their accounts on other boards, or be a profile specialist and actually identify themselves. To register for free, accounts must have a reputation and have been registered for at least one year. Otherwise, the administration refuses to grant users access.
In order to conduct business or offer a service, it is better to make a deposit. Otherwise, no one will do business with you.
Exploit.in they are respected in the Russian darknet, but even Western colleagues sometimes look here.
The resource is available on the clearnet, and it also has a Jabber server, which is no less revered by users than the forum itself.
Hacker Forum Exploit.in.
This is one of the oldest forums dedicated to card sharing. Registration is free. Like Exploit, the forum can be divided into two large parts: Russian-speaking and English-speaking.
There are hundreds of articles devoted not only to carding, but also to scams, hacking, and social engineering techniques.
Link: CrdClub carding forum.
If in posts on Exploit, XSS and Verified, authors often write that they "do not work in ru and the CIS" (which means they are unwilling to do dark things on the territory of their native or nearby state), then "Breaking Through" is popular among scammers working in Russia and the CIS.
A distinctive feature of the forum is that it is almost entirely devoted to" breakouts", that is, for a certain amount on the forum you can find out information about a certain person: from credit history to passport data.
Here you can also find trading in "earning schemes": a person provides the administration with a document with a manual on earning money online (or offline), after checking the material, it is published in a certain forum thread and sold to users. The range of prices for such " earning schemes — is from a couple of thousand rubles to several million. It all depends on the potential profit.
Link: Probiv forum Probiv (Onion).
All of these forums readily offer jobs to specialists. The popularity of different types of vacancies varies depending on the focus of the forum: WWH is looking for skilled carders, Ekploit needs coders, and Probiv is mainly looking for drops for LLC and microloans.
And of course, trading is booming everywhere: on XSS, attackers buy someone else's credit card data, on an" Exploit "— a botnet or website, and "Probiv" provides them with passport data, hacked accounts, and much more for their shady activities.
After a clumsy series of mistakes, several communication and trading technologies were developed that offer increased efficiency, convenience, and security. There are messaging services and encrypted apps like Telegram, Wickr, and Discord, as well as decentralized technologies like Tor, DNS, i2P, and BitTorrent. Automated trading platforms are also well established in this environment.
But despite the emergence of such technologies, forums have turned out to be a dangerous and outdated platform for meeting intruders. Some of their members break a lot of laws.
The cybercriminal community is well aware of the authorities ' presence on their forums. Some resources exist only because they are valuable to the police – to gather intelligence and evidence.
Given the fact that cybercriminals conduct many transactions and often communicate on alternative platforms, we can expect that the need for forums will decrease over time. There is no denying that cybercriminals are increasingly using other platforms; Digital Shadows has even written about this phenomenon: «How Cybercriminals are Using Messaging Platforms». But the rise of alternative technologies doesn't mean an era of shutting down forums that seem to thrive against all odds.
Thank you all for reading! Good luck and be careful in your business.
Hacking and carding forums 2024
XSS
XSS (formerly DamageLab) is a large Russian — language resource. It even has a clearnet address that is still accessible from a Russian IP address. This is one of the first Russian-language forums for cybercriminals. Its predecessor, DamageLab, closed down after the arrest of one of its administrators in 2017. However, good people did not let the resource sink into oblivion: a former Exploit administrator purchased an XSS backup at the end of 2018 and has since turned the forum into a thriving and active community.
Link: Forum XSS.IS.
Verified
Among Russian carders, Verif is one of the most respected centenarians. It, like WWH, has become a kind of textbook for carders and a place for communication, searching for information and people needed for shadow work.
During the forum's existence, a lot of things have changed, only the dark blue lining remains the same, exactly in the style of the now deceased “mazafaki " model of the 2000s. Registration on the forum costs 50 US dollars, there is no possibility to register for free. But even after paying for access, it is problematic to operate on Verif, because carders are always wary of newcomers. One of the old-timers must first vouch for the newcomer — only then will they be able to start doing something on the forum. That is, even if the user has acquired full access to the forum, they will not be able to conduct business without a guarantee or deposit.
Verified Card Reader Forum (Onion).
Exploit.in
One of the oldest resources on the Runet, dedicated mainly to hacker topics. It has been running continuously since 2005, and many attackers and observers consider it the platform with the most experienced cybercriminals.
Registration costs $100, but unlike "Verif", there is also a free option. To do this, the user must either provide the administration with a link to their accounts on other boards, or be a profile specialist and actually identify themselves. To register for free, accounts must have a reputation and have been registered for at least one year. Otherwise, the administration refuses to grant users access.
In order to conduct business or offer a service, it is better to make a deposit. Otherwise, no one will do business with you.
Exploit.in they are respected in the Russian darknet, but even Western colleagues sometimes look here.
The resource is available on the clearnet, and it also has a Jabber server, which is no less revered by users than the forum itself.
Hacker Forum Exploit.in.
CrdClub
This is one of the oldest forums dedicated to card sharing. Registration is free. Like Exploit, the forum can be divided into two large parts: Russian-speaking and English-speaking.
There are hundreds of articles devoted not only to carding, but also to scams, hacking, and social engineering techniques.
Link: CrdClub carding forum.
Probiv
If in posts on Exploit, XSS and Verified, authors often write that they "do not work in ru and the CIS" (which means they are unwilling to do dark things on the territory of their native or nearby state), then "Breaking Through" is popular among scammers working in Russia and the CIS.
A distinctive feature of the forum is that it is almost entirely devoted to" breakouts", that is, for a certain amount on the forum you can find out information about a certain person: from credit history to passport data.
Here you can also find trading in "earning schemes": a person provides the administration with a document with a manual on earning money online (or offline), after checking the material, it is published in a certain forum thread and sold to users. The range of prices for such " earning schemes — is from a couple of thousand rubles to several million. It all depends on the potential profit.
Link: Probiv forum Probiv (Onion).
All of these forums readily offer jobs to specialists. The popularity of different types of vacancies varies depending on the focus of the forum: WWH is looking for skilled carders, Ekploit needs coders, and Probiv is mainly looking for drops for LLC and microloans.
And of course, trading is booming everywhere: on XSS, attackers buy someone else's credit card data, on an" Exploit "— a botnet or website, and "Probiv" provides them with passport data, hacked accounts, and much more for their shady activities.
An excursion into history
Since the early 1970s, forums have been one of the earliest and most basic Internet communication technologies. The emergence of the CarderPlanet forum in the first years of the new millennium has consolidated a well-established model, which is imitated by almost all new resources. CarderPlanet ceased to exist in 2004. However, he was replaced by vendors.name, who first applied the guarantee model during registration. Around the same time, Maza also appeared, which became a separate resource after a conflict between the administrators of the large Russian forum Mazafaka. Only in 2021, Maza was hacked and ceased to exist. You can also recall such popular resources as Verified, Carder.Su and Exploit. Separately, we can say about carder.org, which was the first Russian-language resource (existed from about 1998-2006) and on which the “fathers” (and even mothers) of the Russian cybercrime-a met. Cybercriminals still use forums to get tips and discuss the latest technologies and developments.After a clumsy series of mistakes, several communication and trading technologies were developed that offer increased efficiency, convenience, and security. There are messaging services and encrypted apps like Telegram, Wickr, and Discord, as well as decentralized technologies like Tor, DNS, i2P, and BitTorrent. Automated trading platforms are also well established in this environment.
But despite the emergence of such technologies, forums have turned out to be a dangerous and outdated platform for meeting intruders. Some of their members break a lot of laws.
The cybercriminal community is well aware of the authorities ' presence on their forums. Some resources exist only because they are valuable to the police – to gather intelligence and evidence.
Given the fact that cybercriminals conduct many transactions and often communicate on alternative platforms, we can expect that the need for forums will decrease over time. There is no denying that cybercriminals are increasingly using other platforms; Digital Shadows has even written about this phenomenon: «How Cybercriminals are Using Messaging Platforms». But the rise of alternative technologies doesn't mean an era of shutting down forums that seem to thrive against all odds.
Thank you all for reading! Good luck and be careful in your business.
