What does the front-end of an online hacker store look like?


This. Note the dot-mil and dot-govs, and good heavens, the affordable pricing. Fascinating story behind the screengrab over at Krebs on Security.


  1. A smart customer would just head to one of this service’s competitors to get full access to the hacker store site, thus getting all the info they wanted for one low price.

  2. A quick google search turned up this – http://www.srblche.com/.

    With it that easy to find – I wonder if it’s legit or just a scam to get wannabe haxors to pay for sites. They even have a few free hacked sites – perhaps to lure you into a drive by download or something.

    1. haha, redacting doesn’t do much good when I can google (9th result, or yahoo 2nd result) the last two unique “traffic” numbers…

  3. By a quick look srblche.com is bought from an allegedly Indian domain registrar with servers in the US with DNS hosted by an allegedly Hong Kong company with servers in the US pointing to a website hosted in the US.

  4. What the heck – having lived in SC, I just treated myself to their National Guard site. I just activated and deployed them all to the sleepy little berg of Six Mile…now we’ll see if it’s legit.

  5. This is quite disturbing. Also, to everyone saying that it is really cheap. I bet that after you give your credit card information to a professional hacker they’ll own you for life!!! LOL.

  6. This just has scam written all over it.

    If things like this could be easily accessed by everyone why not just use bots or even people to find what’s been compromised and take it offline or fix it.

  7. If it is legit info all one would have to do to cover themselves from giving anyone dubious their credit card info is put the amount they would like to spend on a prepaid gift card from one of the major credit companies and use that card to purchase it. I don’t even think those cards even have a name tied to them if the purchaser does not want it to. Problem solved.

  8. I hope all of those sites’ admins got notified by Krebs that they’ve been compromised? Would seem to be the ethical thing to do.

    1. They seem to be more than a little but shy about providing a physical address.

      I’m not going to say that Liberty Reserve is a Scam.
      Or say that scammy scammers run Liberty Reserve.
      I’d never trust more than $50 to a possibly quasi-legal site that could very well be a scam run by scammers.

  9. Those .gov.it sites are all Italian high schools. I bet they are very small operations, running on some old unpatched Windows and administered by some random teacher. The fact that they were rooted, if true, wouldn’t come as a surprise.

  10. Well, to the extent this is real, it does kind of explain website defacements. I’ve always wondered how that made sense – you’ve just gained control of some prominent website, and all you can think to do is write “XYZ haxxor crew wuz here” – it seemed like such a colossal waste!

    But if the prices are to be believed, it makes more sense – it really only costs the hackers maybe $100, less commission and not even counting the hassle and the chance they won’t be paid at all. Now it seems like someone with a vineyard using their own wine for cooking – sure, it’s awfully good wine to use up like that, but when you factor in the bother of selling your own, plus the bother of buying some lousy wine for cooking, it makes perfect sense.

  11. Make sure to read Annoyed Readers comments on the site. Basically, this is a scam, and Kreb and BB are both just promoting it.

    Xeni – you should update this post to reflect the fact that the site is just a scam.

Comments are closed.