Credit card thieves setting up safe seller certifications

Researchers hit Tor, find sophisticated self-regulating market

australian credit cards fraud contactless

Breakpoint In the world of carding, you get what you pay for: stolen cards are cheaper on riskier public trading forums and more pricey on closed more reliable markets, according to recent analysis.

Since 2007, Michigan State University associate professor Thomas Holt, University of North Carolina assistant professor Olga Smirnova and Yi-Ting Chua of Michigan State University have examined the machinations of carding markets in a bid to understand how trading reputation works and to keep tabs on fluctuating prices.

Their research presented at DEF CON this year revealed that the price of stolen credit cards dropped as the risk of bogus sales increased, a reference to the difference between public carder sites and vetted, invite-only underground stores.

Holt will this week present further developments at the Breakpoint security conference in Melbourne, where he will explain how law enforcement could use vendor reputation scoring to target the top criminals.

"The idea of signals to identify who may be a more or less reputable seller is vital for law enforcement and extra-legal market disruption, so our findings should be useful in that respect," Holt told The Register ahead of his talk.

The researchers have since discovered a slight drop in the overall cost of cards, known as dumps, and were examining carder forums as Tor hidden services.

"We have been going back to our original forums as well as sampling from other new sites to assemble more data [and] are in a small number of Tor-based forums at the moment in the process of analyses."

"We are also looking to see what information we can glean about the differences in structure between carding shops, like Rescator, and forum advertisements."

Holt will present the small amount of Australian card data which tends to sell at a slight premium than more popular US data, notably in the wake of the Target and Home Depot breaches, Vulture South has found.

The researchers' paper Examining the Structure, Organization, and Processes of the International Market for Stolen Data examined the economy and organisational structure of 13 Russian and English language carder forums including the average cost of dumps and the reasons behind price fluctuations.

They reported blackhat moderators flushing carder markets of scammers, known as 'rippers' and allowed the better sellers to become 'verified sellers'.

Guarantors operated on these forums too, charging a fee to ensure that transactions succeed.

The paper also finds a distinct division of labour which varied between new and established forums and examined the resiliency and density of the networks. ®

Sponsored: Detecting cyber attacks as a small to medium business


Biting the hand that feeds IT © 1998–2020