Planet of Hackers: how the world's largest cybercriminal forum was created.
US intelligence agencies often catch "Russian" carders. Forbes managed to talk to the creators and users of the CarderPlanet forum, some of whom were behind bars
A young man was slowly sipping a cocktail at Nice airport, leaving after a rough rest, when a special forces squad burst into the waiting room. Men wearing black masks and carrying submachine guns quickly surrounded him and threw him to the floor. "You are being charged with fraud,"said one of the commandos. This is how the detention of Russian hacker Vladislav Khorokhorin, whom the US authorities consider one of the most dangerous cybercriminals, took place.
In the hacker world, Khorokhorin is better known under the pseudonym BadB. He was one of the "top managers" of the CarderPlanet forum: the platform brought together several thousand people who were engaged in carding-theft and sale of credit card data. "In fact, this is the first carder forum that was well — known and brought together the entire carder crowd," says Dmitry Volkov, a leading expert at the Group-IB cybercrime investigation company.
American government agencies called CarderPlanet perhaps the most dangerous community of cybercriminals. The forum's management assumed titles similar to those of the Italian Mafia, and their daily earnings could reach tens, and sometimes hundreds of thousands of dollars. Forbes found out how CarderPlanet was created and what happened to its founders.
"I broke the Israeli army"
How does the carder business work? You can steal bank card information in completely different ways: copy it in a restaurant when paying an invoice, convince the user to enter data on a fake website, hack into the database of a bank or large retailer, or install a reader at an ATM. Such databases can be resold, and not necessarily resold by hackers themselves. Sometimes sales channels are searched for by intermediaries. This is partly why hacker forums are needed, where you can find potential buyers.One of these intermediaries, Dmitry Golubov, was met in 1998 by Vladislav Khorokhorin, who needed real bank card details to access a porn site. "In practice, Dima could not hack anything more serious than his parents' dresser. He couldn't even install Windows properly. His real talent was organizing people, haggling and bartering, " says Khorokhorin about Golubov.
Prior to this incident, Khorokhorin was almost not engaged in carding: he stole ICQ numbers, hacked Internet service providers, and even managed to serve time in an Israeli prison, where he moved with his mother from Donetsk. "I broke the Israeli army. After serving time and being kicked out of the service with a bang, I then broke the Israeli bank Discount, " says Khorokhorin. Then he was about 20 years old. Carding has become a new passion for Khorokhorin. He was increasingly sitting on the forum Carder.org where he also invited Golubov. There, friends chose their new nicknames BadB and Script, by which they became known in the hacker crowd.
As Khorokhorin recalls, Golubov immediately decided to make money and placed an ad for the sale of credit cards, or "cardboard", as they were called in the crowd. However, almost immediately he was kicked out for such an ad. "It was allowed to place an ad for sale if you yourself directly stole the goods being sold," explains Khorokhorin. According to him, Golubov immediately decided to open his own forum Carder.ru which would be an alternative Carder.org. For the position of administrator and web designer, he called his new friend Khorokhorin - BadB. The forum became popular almost immediately. Khorokhorin explains this in a large article in the Hacker magazine. "So we became famous, but so far only in the vast expanses of our homeland," says BadB.
However, the new forum did not last long: the site received many complaints, and it was closed. But its creators immediately registered three new domains: Carderplanet.com, Carderplanet.net and Carderplanet.org. So, in 2001, the history of the forum began, which the US intelligence agencies would later call "the most dangerous cybercrime organization."
From the "watchers" to the "dons"
The new site was rapidly gaining popularity: there you could chat with like-minded people, read training articles, ask for advice, negotiate a deal or get an order. The forum was run by administrators, the most important of whom called themselves dons in the spirit of the Sicilian mafia, and all together they were "family". However, initially the creators of the forum were closer to the Russian criminal romance: they called themselves virtual "thieves in law" and "watchers", but this was quickly abandoned. "We are also not far from the criminal world of the CIS. And it turned out that you crowned yourself, even if virtually. They can ask for this, " explains Khorokhorin.The CarderPlanet forum gradually began to attract not only carders, but also representatives of other cybercrime spheres. And sometimes even people who are far from hacking at all. So, one of the donovs on the forum was Roman Vega: he had his own project Boa Factory, which not only sold credit cards, but could also make passports of other countries by order. According to an employee of one of Vega's companies, he started doing business in the 1990s, trading with government agencies of different countries, including weapons and special equipment, but in the early 2000s Vega concentrated on passports and bank cards.
"The procedure with the registration of European and American passports was simple: the customer sent photos via "e-mail" to .jpg, their requirements for the passport of a particular country and their (desired) data, and after some time (usually several weeks) received by mail, to the address specified when ordering, the finished passport. If desired-with a handful of stamps of entry and exit from different countries-so that the passport does not look new," says the source of Forbes, familiar with Vega. The site promised Irish citizenship and a full set of documents for $25,000, a passport of EU countries cost about $1,300, and a Bahraini passport was asked for almost $8,000. "The passports were produced partly in a factory in Eastern Europe (in two locations), and partly in one of the Central American countries. In some countries, the company had loopholes and agreements with officials to obtain official citizenship and passports," says a Forbes source who worked with Vega.
Vega found out about the carder forum almost by accident: a partner told him about CarderPlanet, to whom Vega complained about frequent hacker attacks on the systems of his companies. Vega quickly got used to the new environment, and in mid-2002, he became almost the main character at the forum participants ' meeting, which the creators of CarderPlanet decided to hold in Odessa. Why do hackers need a conference? At that time, professional conferences of cybersecurity specialists were being held in the United States, and carders wanted to make an analog. However, the first meeting was not too numerous. "The people were from Russia, Belarus, even from Canada. In total — about 15-20 people. At that time, some people were staying at camp sites, some in rented apartments, some in hotels," says one of the participants of that conference, who refused to give Forbes his real name.
"Top managers" of the forum tried to control transactions and life on the forum. According to Khorokhorin, everyone had to obey "universal" moral values: "don't piss", "don't rat", "respect the hierarchy", "don't shit where you live". Although it was not possible to completely avoid conflicts. "Showdowns were constant, like any other business, especially criminal, here the struggle for spheres of influence is inevitable. And people were often caught. No one, of course, died, not animals, but sometimes they were hit hard, " says Khorokhorin. Roman Vega, in response to a question about conflicts, also starts talking about "concepts": "It's not good to cheat people. Especially their compatriots. Especially those you work with. You need to distinguish in life – what is possible and what is impossible under any circumstances."
(c) https://www.forbes.ru/tekhnologii/t...ak-sozdavalsya-krupneishii-v-mire-forum-kiber
