Old 07-30-2010, 12:36 AM  
chronoplay
Registered User
 
Join Date: Jul 2010
Posts: 5
Chronopay who knows wtf?

At the beginning of July, servers of the biggest Russian processing company "ChronoPay", receiving payments from a huge number of Russian citizens via credit cards in the Internet, failed for several days. You may read about it in more detail in the blogs spamolov.livejournal.com/12610.html and doctorsoul.livejournal.com/1609641.html and in the article by Maksim Bukin
In spite of excusable relations of ChronoPay's PR-service, which presented versions in sequence starting from a planned software update up to so-called broken virtualization servers and a possible DDoS-attack, rumours about the system hacking and the biggest stealing of Russian citizens' credit card database in history appeared from the first days. In particular, bloggers paid attention to the fact that all the projects controlled by Pavel Vrublevsky, whose famous nickname in the Internet is Redeye, failed simultaneously. These projects include the above mentioned "ChronoPay" and "Standartpay" payment systems and "Fethard" (illegal Internet-bank for money of doubtful provenance laundering), and porn-servers pornocruto.es and even the biggest forum of clandestine adult-webmasters crutop.nu, which was reported by mass media in connection with a range of investigations utronews.ru/economics/000127481413963/
Someone even presented conspiracy theories stating that that attack is a cover-up prepared by Vrublevsky himself aimed to cover tracks in connection with the resumed criminal case investigation in which the whole management of "ChronoPay" CJSC and Pavel Olegovich as well are involved. With regard to this, one of the most well-known London emigrants, Chichvarkin, expressed his opinion chich8.livejournal.com/17528.html
Up to now the theory of serious hacking was supported by the only fact that both ChronoPay and crutop.nu finally recovered with the help of one year old copies; moreover, there is an "Offer for law-enforcement agencies, secret services, agents and other interested parties" at the forum asking them to recover the archive for a fee. It was obvious for everybody that in case of DDoS-attacks information is not lost and the problem is much more serious than ChronoPay's PR-service tried to present it; anyway, up to now there was no direct confirmation of this version.
A certain group of "hackers" distributed their message today in which they provided a proof of "ChronoPay" payment system hacking and stealing of the biggest Russian citizens' credit card database in history. The message says that this attack is connected exclusively with Vrublevsky who gained possession of Fethard.biz payment system's money by cheating and who tricked thousands of webmasters for million dollars. The aim of campaign is to attract the attention of international payment systems to the activity of ChronoPay's management in terms of illegal activity at the market of electronic commerce (in particular processing of payments for controlled drugs and false antivirus) and international investigation of both the schemes of criminal money laundering and hiding of millions of credit card numbers of Russian citizens leakage with their personal data by the company's managers.
In case there is no appropriate response from the side of the market regulators, a group of hackers promised to upload the whole stolen database for free access, which will result in not only multibillion stealing of money from the accounts of Russian citizens, but in necessity of almost complete re-issue of any and all credit cards which were used at least once at making payments via ChronoPay as well.
As a proof of seriousness of their claims some data were presented on the schemes of location of ChronoPay's servers, confidential correspondence and a piece of database containing almost 5000 numbers of credit cards with the help of which payments in stores connected to Master-bank were conducted, allowing the security services of international payment systems to evaluate the level of threat of publication of all available information to start serious investigation. Besides, the statement of the group says that they have irrefutable evidence of preparation of DDoS-attack of assist.ru payment system and multicarta.ru ("MultiCarta" LLC is a subsidiary of "Bank VTB" OJSC and is a member of VTB Group) servers by Vrublevsky's personal order with a purpose to gain a part of clients of avia-payments, such as "Aeroflot" OJSC. There was discussion of response measures against the main competitors of Vrublevsky (assist.ru and multicarta.ru) between the first and the second hackings of ChronoPay's system (July 5 and 12). The issue is that after the first failure (almost for 4 days) the majority of the biggest clients started to appeal to their support services with the aim to change the servicing. They are ready to provide all these data to Russian and foreign law-enforcement agencies in case of respective criminal case initiation which Vrublevsky would not be able to neglect using his corrupt relations in supreme Russian authorities.
Published data:
The scheme of servers' location (for curious) sendspace.com/file/fur48o and sendspace.com/file/7uem5s
A part of credit card database (for IPS check - numbers only) sendspace.com/file/j20vu4
Documents on bid re. Aeroflot (for security service of "Aeroflot" OJSC and other participants of this bidding) sendspace.com/file/pkfoa3 and sendspace.com/file/ij75u3
Probably Andrey Polozov-Yablonsky ([email protected]) could know Vrublevsky's intentions. Polozov-Yablonsky is a namesake of "Aeroflot" OJSC Deputy Director General and sends insider information on tenders of "Aeroflot" OJSC to Pavel Vrublevsky on a regular basis (including the documents listed above). Here is an example of the letterhead:
As you know, the servers of assist.ru and multicarta.ru failed at the beginning of the previous week under the attack of the strongest DDoS pcweek.ru/themes/detail.php?ID=124603 which resulted finally in refusal from cooperation with "Aeroflot" OJSC and colossal financial loss vedomosti.ru/newspaper/article/2010/07/26/241578
In case the information is confirmed, Visa and Mastercard will have to conduct PCI DSS validation and full forensic investigation of this incident according to their regulations, which will result in revocation of ChronoPay's license for Internet-payment service provider with an imposition of huge penalties for non-disclosure of information on servers hacking. Besides, it would be very interesting to know the reaction of Russian law-enforcement agencies which were warned by the State Duma deputy Ilya Ponomarev in March already about the danger of uncontrolled activity of Vrublevsky in the sphere of e-commerce goslyudi.ru/blog/iponomarev/4713/
"In addition it is notable that a huge number of payments by credit cards of Russian citizens (air tickets, cell operators, etc.) are conducted via "ChronoPay" CJSC of Vrublevsky. Taking into consideration all the above stated it may be suggested that thus adversaries have access to personal data of tens of millions of computer crimes potential victims on a regular basis, starting from e-mail addresses, telephones, addresses of registration and up to the routes of business trips of any law-enforcement officers. Further connivance of this group activity may cause an irreparable harm to both the Russian citizens and the good will of our country at the stage of international cybercrime control".
P.S. All the information in one file sendspace.com/file/mxuedz
Backup hosting openfile.ru/656429/