Dark Market and the downfall of an online fraudster
By Asavin Wattanajantra in Editorial
Posted in online fraudster, criminals, card skimmers, fraud, financial on
RSA has pointed me out to this blog post that offers some previously undisclosed information about one of the members of Dark Market, a forum which involved criminals buying and selling credit card data and was shut down by law enforcement.
It shows that although it might be easy to make money as an online fraudster, the law was maybe beginning to catch up on the problem thanks to intelligent detective work.
Chao, real name Cagatay Evyapan, was behind a group called the ‘Crime Enforcers’ - an assembly line of ATM and Point of Sale card skimmers. RSA’s Uri Rivner said that he climbed the ladder of the criminal underground, and that point became a name that all cyber criminals recognised.
Rivner says that Chao stood out as an ‘exceptional’ online fraudster - he even created instructional videos explaining how to install ATM skimming devices he built and sold.
Instruction video on using ATM skimming devices.
How Chao was caught
Chao was caught through the Dark Market operation as a moderator. Using undercover tactics, FBI agent Keith Mularski pretended he was a fraudster using the handle ‘Master Splynter’.
He was found in Turkey thanks to the Turkish National Police cooperating with several law enforcement agencies around the world, including the FBI. The police found him due to one weak link in the chain - he needed to ship thousands of ATM skimmers around the world.
Thanks to discussions with international shipping companies, it led to the pinpointing of Chao’s whereabouts. They located Chao on the outskirts of Istanbul, put him under surveillance and found his apartment being used as a huge assembly line for card skimming devices.
Seven ‘Crime Enforcers’ were arrested, including people helping him with the manufacturing and his cashier.
The result of the raid
The Turkish police found 1,000 ATM skimming devices, 2000 fake PIN pads, and a large amount of fake Point of Sale devices - the ones you use in restaurants.
Rivner said that a single ATM skimmer could record one hundred withdrawals a day - using a ‘conservative’ estimate of $1,000 per compromised card that is potential damage of 100 million dollars a day.
If it takes ten days for the device to be discovered that’s a potential one billion dollars of potential fraud.
So the rewards are great - but as Chao’s arrest shows, maybe there is light at the end of tunnel thanks to worldwide law enforcement cooperation.
But as Uri says, as soon as Chao was caught, other have taken his place.
Teenage hackers becoming a real threat
By Asavin Wattanajantra in Editorial
Posted in cybercrime, financial, hacking, internet on
According to security experts, teenage hacking is becoming a real threat when it comes to cyber crime.
Professionals have indicated that forums such as that of Dark Market which was taken down recently, are starting to be populated by teenagers who are looking to swap credit card data as well as the hacking and phishing kits which is used to collect it.
As these teenagers are not as well trained as professionals who may well do this for a living, they are more likely to get caught as well as pick up a criminal record, which will really hurt them if further down the line, they want to have a career in IT.
The first steps are simply to look for cracks and exploits for computer games, for example to run computer games which they haven’t paid for. Although many kids do this, it is nevertheless illegal.
Then it is likely they’ll graduate to more serious crime, such as swapping programs and malicious data, and further on targeting social networking sites with exploits and virus code.
IT PRO talked to Billy Hoffman at RSA Europe, who works in
Tag cloud
Most commented posts
- Ten reasons why people are leaving MySpace
52 comments
- My Michael Jackson blog post
- Ten reasons why World of Warcraft is better than Second Life
- Facebook user arrested for poking somebody
- What should the staff writer have as his smartphone?
- Beware of hacked Facebook applications
- Ten funny sightings on Google Street View
- Twitter didn't actually get hacked - Google did
- Microsoft sues firm for instant messaging spam
- Joining the sheep - I'm getting an iPhone
Highest Rated Blog Posts
- Ten tips to avoid your satnav driving you over a cliff (100%)
- Does unfiltered internet 'disturb children'? (100%)
- The brain-controlled laptop computer (100%)
- Why Twitter is a better news tool than Digg (100%)
- Apple and its obsession with secrecy (100%)
- Twitter isn't for teenagers? It's common sense. (100%)
- Farming and becoming a Godfather with Facebook (100%)
- Orange and the iPhone - competition is a good thing (100%)
- Bendy phones straight out of the future (93.4%)
- How Pirate Bay sticks two fingers up at the industry (80%)


