Brian Krebs has published an ad from "Foreign Agents," a notorious Russian crime service. They're advertising the availability of foot soldiers in the USA who can help cash out hacked bank accounts and credit cards. Unlike traditional bank-fraud mules, who don't know that they're part of a scam, these "associates" are "неразводные" ("nerazvodni" or "not deceived").
The proprietors of this service say it will take 40-45 percent of the value of the theft, depending on the amount stolen. In a follow Q&A with potential buyers, the vendors behind this service say it regularly moves $30,000 – $100,000 per day for clients. Specifically, it specializes in cashing out high-dollar bank accounts belonging to hacked businesses, hence the mention high up in the ad of fraudulent wire transfers and automated clearinghouse or ACH payments (ACH is typically how companies execute direct deposit of payroll for their employees).
According to the advertisement, customers of this service get their very own login to a remote panel, where they can interact with the cashout service and monitor the progress of their thievery operations. The service also can be hired to drain bank accounts using counterfeit debit cards obtained through ATM skimmers or hacked point-of-sale devices. The complicit mules will even help cash out refunds from phony state and federal income tax filings — a lucrative form of fraud that, according to the Internal Revenue Service, cost taxpayers $5.2 billion last year.
Say what you will about their criminal tendencies, those bank robbers have excellent art direction.
Online Service Offers Bank Robbers for Hire
In 2012, Google rolled out Certificate Transparency, a clever system to spot corrupt “Certificate Authorities,” the entities who hand out the cryptographic certificates that secure the web. If Certificate Authorities fail to do their jobs, they put the entire electronic realm in danger — bad certificates could allow anything from eavesdropping on financial transactions to […]
Troy Hunt, proprietor of the essential Have I Been Pwned (previously) sets out the hard lessons learned through years of cataloging the human costs of breaches from companies that overcollected their customers’ data; undersecured it; and then failed to warn their customers that they were at risk.
A security researcher has published a vulnerability and proof-of-concept exploits in Google’s Internet of Things security cameras, marketed as Nest Dropcam, Nest Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor; these vulnerabilities were disclosed to Google last fall, but Google/Nest have not patched them despite the gravity of the vulnerability and the long months […]
You know the drill. You go to the dentist and they ask you how often you floss. You lie through your teeth and say, “every day!” (Bonus points if you have some cilantro or chives stuck in your gums from lunch). You don’t want to keep up the charade any longer, but rubbing that tiny strand […]
The Raspberry Pi Foundation has done outstanding work packing a fully capable desktop computer into a package the size of a deck cards—especially one that only costs $35. But if you already have a working laptop, why should you care? Oh, how much you have to learn. Besides operating well as a compact digital media hub, […]
Custom coffee vessels are the perfect piece of office flair, but it’s just a matter of time before your VOTE FOR PEDRO mug will start to lose its relevant wit. Why not have a new one every day, with whatever silly nonsense you want sticking off the sides? You can save big on your novelty […]