Xeni Jardin at 2:25 pm Fri, Jan 21, 2011
ADVERTISE AT BOING BOING!
This. Note the dot-mil and dot-govs, and good heavens, the affordable pricing. Fascinating story behind the screengrab over at Krebs on Security.
Damn, those are Boxing Day sale prices. Where’s my wallet?
I hope all of those sites’ admins got notified by Krebs that they’ve been compromised? Would seem to be the ethical thing to do.
The Krebs site says he only accepts payment via “Liberty Reserve.” What is that?
A Costa Rica payment processor
They seem to be more than a little but shy about providing a physical address.
I’m not going to say that Liberty Reserve is a Scam.
Or say that scammy scammers run Liberty Reserve.
I’d never trust more than $50 to a possibly quasi-legal site that could very well be a scam run by scammers.
yo, I’m just happy we ain’t on there.
what shocked me more is just how cheap that information is!
Where’s the “some dude in Chicago’s facebook page $7″? Probably further down.
A smart customer would just head to one of this service’s competitors to get full access to the hacker store site, thus getting all the info they wanted for one low price.
Soon I will control all of Michigan. Yes. Yes. Excellent.
as for the italian .gov addresses, they’re all high school sites
Seems like the last place I’d want to share my billing info with.
No, No. Rest assured. It’s a SECURE shopping cart. Your credit card is safe with them.
Well, someone’s credit card, anyway.
High value informations at low, low prices!
A quick google search turned up this – http://www.srblche.com/.
With it that easy to find – I wonder if it’s legit or just a scam to get wannabe haxors to pay for sites. They even have a few free hacked sites – perhaps to lure you into a drive by download or something.
haha, redacting doesn’t do much good when I can google (9th result, or yahoo 2nd result) the last two unique “traffic” numbers…
Maybe it’s just my paranoid streak but to me this has honeypot written all over it.
Souce Carolina? Is that near Norse Carolina?
Maybe a typo on the original website? I would check except http://www.scguard.army.mil is giving a HTTP 403. Looks like someone has disabled/deleted the website.
It’s pronounced Soo-CHAY.
(And, yeah, I’d be dubious of sharing my CC# with this sort of site…)
By a quick look srblche.com is bought from an allegedly Indian domain registrar with servers in the US with DNS hosted by an allegedly Hong Kong company with servers in the US pointing to a website hosted in the US.
Well, to the extent this is real, it does kind of explain website defacements. I’ve always wondered how that made sense – you’ve just gained control of some prominent website, and all you can think to do is write “XYZ haxxor crew wuz here” – it seemed like such a colossal waste!
But if the prices are to be believed, it makes more sense – it really only costs the hackers maybe $100, less commission and not even counting the hassle and the chance they won’t be paid at all. Now it seems like someone with a vineyard using their own wine for cooking – sure, it’s awfully good wine to use up like that, but when you factor in the bother of selling your own, plus the bother of buying some lousy wine for cooking, it makes perfect sense.
what, no paypal?
Those .gov.it sites are all Italian high schools. I bet they are very small operations, running on some old unpatched Windows and administered by some random teacher. The fact that they were rooted, if true, wouldn’t come as a surprise.
What the heck – having lived in SC, I just treated myself to their National Guard site. I just activated and deployed them all to the sleepy little berg of Six Mile…now we’ll see if it’s legit.
This is quite disturbing. Also, to everyone saying that it is really cheap. I bet that after you give your credit card information to a professional hacker they’ll own you for life!!! LOL.
If you want the real deal you need to learn romani, gadje. Or russian.
A 4.0 GPA at University of South Carolina Beaufort for only $88?
This just has scam written all over it.
If things like this could be easily accessed by everyone why not just use bots or even people to find what’s been compromised and take it offline or fix it.
Make sure to read Annoyed Readers comments on the site. Basically, this is a scam, and Kreb and BB are both just promoting it.
Xeni – you should update this post to reflect the fact that the site is just a scam.
If it is legit info all one would have to do to cover themselves from giving anyone dubious their credit card info is put the amount they would like to spend on a prepaid gift card from one of the major credit companies and use that card to purchase it. I don’t even think those cards even have a name tied to them if the purchaser does not want it to. Problem solved.
Mail (will not be published) (required)