Large groups of international criminal hackers have joined together to steal financial data, steal identities, and then trade or sell that data on underground Internet sites. Baseline magazine reported:
They operate under names such as carderplanet, stealthdivision, darkprofits and the shadowcrew. They buy and sell millions of credit card numbers, social security numbers and identification documents, typically for less than 10 bucks apiece. And they create sites and services to breed more skilled, like-minded organizations.According a Wall Street Journal article, by Cassell Bryan-Low, this is how the Shadow crew secret web site traded credit and debit card information:
Andrew Mantovani, David Appleyard, Brandon Monchamp and more than a dozen other members of the Shadowcrew were at work on their computers. Sure, it was 9 p.m. But their business—which, authorities say, was auctioning off stolen and counterfeit credit and identification cards—was booming.
In the past two years, the Shadowcrew's 4,000 members, according to the U.S. Secret Service, ran a worldwide marketplace in which 1.5 million credit card numbers, 18 million e-mail accounts, and scores of identification documents—everything from passports to driver's licenses to student IDs—were offered to the highest bidder.
Many of the credit card numbers sold on the site were subsequently used by Shadowcrew's customers, who had no intent of paying for what they bought. The result? More than $4 million in losses suffered by card issuers and banks, says the Secret Service, which is charged by the U.S. government to investigate counterfeiting, credit card fraud and computer crimes. If the Shadowcrew had gone unchecked, the losses would have totaled hundreds of millions of dollars...
- Shadowcrew members stole banking and other personal information by sending fake e-mails (phishing) and other hacker methods.
- Members then logged on to the organization's web site and posted the stolen card numbers, plus counterfeit driver's licenses, passports and Social Security cards.
- Members could then buy and sell the information on the site.
- Registration: Members logged into the private site with a user name and password.
- Checkout: Members purchased stolen info using Western Union or online payment services such as E-Gold and Web Money.
- Management: Shadowcrew Web site administrators punished members who didn't pay on time.
- Quality Control: Shadowcrew reviewers tested stolen data before selling it on the site.
But at 9 p.m. on Oct. 26, 2004, the Shadowcrew was in for a surprise...on that Tuesday evening in October, a Secret Service insider informant engaged 30 Shadowcrew members in simultaneous online chats. With the Shadowcrew thus occupied on their screens, agents of the Secret Service, FBI and local police—some armed and wearing bulletproof vests—showed up at suspects' homes and made arrests. Most suspects came quietly. However, one, Monchamp, leaped out a second-floor window when the Secret Service knocked. He was apprehended after a short chase on foot. Back in the room he exited, agents found two loaded guns—one an assault rifle.Illegal websites [links to copies of web sites stored at internet archive -web.archive.org]:
Not the normal tools of a hobbyist hacker.
And that's not, according to the government, what the Shadowcrew members were. Mantovani, Appleyard and Monchamp were part of an "international criminal organization" in which associates advertised and sold identity cards and traded advice on how to sell forged identity documents, according to the criminal complaint.
Note the number of online users reported on the shadowcrew.com site on Feb. 17, 2003 and the listed number of registered members of darkprofits and stealthdivision.
Among those indicted were:
- Andrew Mantovani, Scottsdale, Arizona
- David Appleyard, Linwood, New Jersey
- Anatoly Tyukanov, Moscow, Russia
- Jeremy Stephens, Charlotte, North Carolina
- Brandon L. Monchamp, Scottsdale, Arizona
- Omar Dhanani, Fountain Valley, California
- Marcelo Del Mazo, Buenos Aires, Argentina
links:
NINETEEN INDIVIDUALS INDICTED IN INTERNET ‘CARDING’ CONSPIRACY [USDOJ.GOV, Oct. 28, 2004]
Shadowcrew: Web Mobs [BaselineMag.com, Mar. 7, 2005]
Identiy Thieves Organize (subscription required) [WSJ.com, Apr. 7, 2005]
E.V. men accused in computer hacking ring [seclists.org, from eastvalleytribune.com, Nov. 4, 2004]
update Dec. 7, 2005 - consumeraffairs.com reported:
Six men who ran one of the largest online centers for trafficking in stolen credit and bank card numbers and identity information have pleaded guilty in federal court. The U.S. Attorney for New Jersey says the plea is the last step in pulling the plug on the notorious "Shadowcrew.com" website.Six "Shadow Crew" Members Plead Guilty [consumeraffairs.com, Nov. 21, 2005]
Andrew Mantovani, 23, of Scottsdale, Ariz.; Kim Taylor, 47, of Arcadia, Calif.; Jeremy Stephens, 31, of Charlotte, N.C.; Brandon Monchamp, 22, of Scottsdale, Ariz.; Omar Dhanani, 22, of Fountain Valley, Calif.; and Jeremy Zielinski, 22, of Longwood, Fla., entered guilty pleas to the lead count of conspiracy before U.S. District Judge William J. Martini. Judge Martini scheduled sentencing for late February and early March.
