FBI nabs 24 in card-fraud forum sting

Feds had been having tips-and-tricks with fraudsters for YEARS


Updated An FBI sting operation against an underground carding forum has resulted in 24 arrests.

The Carder Profit forum had been run by undercover Feds for the last two years, yielding intelligence that resulted in arrests in eight countries.

The sting - dubbed "Operation Card Shop" - began in June 2010 when the FBI itself set up the Carderprofit.cc forum, which enabled discussion between members relating to the trade in credit card details and compromised personal information. The underground site was set up by the Feds to attract users of similar forums and thereby allow monitoring of their criminality. According to a canned statement from SOCA, the website had approximately 2,000 registered members when it was taken offline last month.

Those arrested include a man purported to be "JoshTheGod", leader of the UGNazi black-shirt hacking crew. According to the allegations in the complaint – which has been unsealed by the court – Federal investigators charge that Mir Islam, of Manhattan, was JoshTheGod. The FBI says that Islam, who is alleged to have founded Carders.Org – another carding forum – was arrested after he attempted to withdraw funds from an ATM using counterfeit credit cards supplied to him by an undercover FBI agent posing as a fellow cybercrook.

The FBI seized the web server for UGNazi.com, and seized the domain name of "Carders.org" – taking both sites offline, following the arrest on Monday.

In total, 11 arrests were executed in the US while a further six arrest warrants were served in the UK. Two further suspects were arrested in Bosnia, and others were cuffed in Bulgaria, Norway, and Germany.

Two additional defendants were arrested in Italy and Australia.

Prosecutors charge that the suspects plotted on Carder Profit to run a "breathtaking spectrum of cyber schemes and scams". Individuals sold credit cards by the thousands as well as casually offering "every stripe of malware and virus to fellow fraudsters", according to Manhattan US Attorney Preet Bharara.

Other frauds included buying and selling stolen identities, counterfeit documents, sophisticated hacking tools and other contraband. Feds describe the operation as the biggest ever international crackdown on carding crimes to date.

Access to the Carder Profit Forum, which was taken offline in May 2012, was limited to registered members. Various membership requirements were imposed to restrict site membership to individuals with established knowledge of carding techniques. For example, at times, new users were prevented from joining the site unless they were recommended by two existing users, unless they paid a registration fee.

A DoJ statement on the case can be found here. ®

Similar topics

Narrower topics


Other stories you might like

  • FBI, CISA: Don't get caught in Karakurt's extortion web
    Is this gang some sort of Conti side hustle? The answer may be yes

    The Feds have warned organizations about a lesser-known extortion gang Karakurt, which demands ransoms as high as $13 million and, some cybersecurity folks say, may be linked to the notorious Conti crew.

    In a joint advisory [PDF] this week, the FBI, CISA and US Treasury Department outlined technical details about how Karakurt operates, along with actions to take, indicators of compromise, and sample ransom notes. Here's a snippet:

    Continue reading
  • Man gets two years in prison for selling 200,000 DDoS hits
    Over 2,000 customers with malice on their minds

    A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks.

    A US California Central District jury found the Prairie State's Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

    Gatrel, was convicted of owning and operating two websites – DownThem.org and AmpNode.com – that sold DDoS attacks. The FBI said that DownThem sold subscriptions that allowed the more than 2,000 customers to run the attacks while AmpNode provided customers with the server hosting. AmpNode spoofed servers that could be pre-configured with DDoS attack scripts and attack amplifiers to launch simultaneous attacks on victims.

    Continue reading
  • Interpol anti-fraud operation busts call centers behind business email scams
    1,770 premises raided, 2,000 arrested, $50m seized

    Law enforcement agencies around the world have arrested about 2,000 people and seized $50 million in a sweeping operation crackdown of social engineering and other scam operations around the globe.

    In the latest action in the ongoing "First Light", an operation Interpol has coordinated annually since 2014, law enforcement officials from 76 countries raided 1,770 call centers suspected of running fraudulent operations such as telephone and romance scams, email deception scams, and financial crimes.

    Among the 2,000 people arrested in Operation First Light 2022 were call center operators and fraudsters, and money launderers. Interpol stated that the operation also saw 4,000 bank accounts frozen and 3,000 suspects identified.

    Continue reading
  • World Economic Forum wants a global map of online crime
    Will cyber crimes shrug off Atlas Initiative? Objectively, yes

    RSA Conference An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.

    The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.  

    This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers. 

    Continue reading
  • Europol arrests nine suspected of stealing 'several million' euros via phishing
    Victims lured into handing over online banking logins, police say

    Europol cops have arrested nine suspected members of a cybercrime ring involved in phishing, internet scams, and money laundering.

    The alleged crooks are believed to have stolen "several million euros" from at least "dozens of Belgian victims," according to that nation's police, which, along with the Dutch, supported the cross-border operation.

    On Tuesday, after searching 24 houses in the Netherlands, officers cuffed eight men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and Spijkenisse, and a 25-year-old woman from Deventer. We're told the cops seized, among other things, a firearm, designer clothing, expensive watches, and tens of thousands of euros.

    Continue reading
  • Former chip research professor jailed for not disclosing Chinese patents
    This is how Beijing illegally accesses US tech, say Feds

    The former director of the University of Arkansas’ High Density Electronics Center, a research facility that specialises in electronic packaging and multichip technology, has been jailed for a year for failing to disclose Chinese patents for his inventions.

    Professor Simon Saw-Teong Ang was in 2020 indicted for wire fraud and passport fraud, with the charges arising from what the US Department of Justice described as a failure to disclose “ties to companies and institutions in China” to the University of Arkansas or to the US government agencies for which the High Density Electronics Center conducted research under contract.

    At the time of the indictment, then assistant attorney general for national security John C. Demers described Ang’s actions as “a hallmark of the China’s targeting of research and academic collaborations within the United States in order to obtain U.S. technology illegally.” The DoJ statement about the indictment said Ang’s actions had negatively impacted NASA and the US Air Force.

    Continue reading

Biting the hand that feeds IT © 1998–2022