this site is worse then tubes and typical password sites - GoFuckYourself.com

venus · 07-26-2012, 09:51 PM

Ok, usually you dont find out who is really using stolen credit cards on your site, but I did, by mistake.

last week I had 12 signups come in at the exact same time, all saying they were from mexico, but the host name in the receipt were all different and all from hosting companies around the US. Incase people dont know how the scam works, this is also used by affiliates who are trying to rip off the programs, they get a cheap account at a hosting company, then they telnet in or use some script to join websites, the receipt shows the Ip address/host name of the person joining and for these guys its a hosting site. I killed the passwords acouple of hours after the guy bought them.

Anyway, 2 days ago I got an alert from google about a search for my site pointing to

----------
Web 1 new result for landofvenus

Landofvenus.com - Page 5
http://members.landofvenus.com/members/members.html.
http://www.netsploiterworld.org/foro...d.php?3785...p...
--------

so I went there and guess what I found, the passwords that were made with the stolen cards...the guy had 3 posted in the free area and said the rest were in a VIP area and to join to get the rest...

so watch out for this site, I have emailed moneybookers and paypal to try and get his money sources closed, hopefulyl others will be able to report this guy also, but this is just a blantant attempt to rip people off and use stolen cards... worse type of site out there!

shake · 07-26-2012, 10:23 PM

Thanks for the tip, good to be on the ball watching hostnames like that.

vdbucks · 07-26-2012, 10:40 PM

Quote:

Originally Posted by venus

Ok, usually you dont find out who is really using stolen credit cards on your site, but I did, by mistake.

last week I had 12 signups come in at the exact same time, all saying they were from mexico, but the host name in the receipt were all different and all from hosting companies around the US. Incase people dont know how the scam works, this is also used by affiliates who are trying to rip off the programs, they get a cheap account at a hosting company, then they telnet in or use some script to join websites, the receipt shows the Ip address/host name of the person joining and for these guys its a hosting site. I killed the passwords acouple of hours after the guy bought them.

Anyway, 2 days ago I got an alert from google about a search for my site pointing to

----------
Web 1 new result for landofvenus

Landofvenus.com - Page 5
http://members.landofvenus.com/members/members.html.
http://www.netsploiterworld.org/foro...d.php?3785...p...
--------

so I went there and guess what I found, the passwords that were made with the stolen cards...the guy had 3 posted in the free area and said the rest were in a VIP area and to join to get the rest...

so watch out for this site, I have emailed moneybookers and paypal to try and get his money sources closed, hopefulyl others will be able to report this guy also, but this is just a blantant attempt to rip people off and use stolen cards... worse type of site out there!

I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...

venus · 07-26-2012, 10:46 PM

you think....jeesh

Quote:

Originally Posted by vdbucks

I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...

lucas131 · 07-27-2012, 01:02 AM

are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ...

SKUP · 07-27-2012, 01:18 AM

Quote:

Originally Posted by lucas131

are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ...

Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

lucas131 · 07-27-2012, 01:23 AM

Quote:

Originally Posted by SKUP

Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join

i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?

halfpint · 07-27-2012, 01:24 AM

Quote:

Originally Posted by SKUP

Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

no need to bite lucas's head off lol he does know a thing or two about exploits and hacking

anyway heres a bump for more views

gleem · 07-27-2012, 06:59 AM

hey, I had the same thing happen this week. Four signups in a row from the same mexican IP address but different names and logins:
http://whois.domaintools.com/189.180.168.178

potter · 07-27-2012, 07:00 AM

Quote:

Originally Posted by vdbucks

I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...

The credit card companies will issue the refund regardless.

SplatterMaster · 07-27-2012, 07:15 AM

Quote:

Originally Posted by venus

Anyway, 2 days ago I got an alert from google about a search for my site pointing to

Don?t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP?s/Countries. Check your server logs and I?m sure you will find referrers from other sites like this.

Quote:

Originally Posted by lucas131

i doubt ccbill would allow use of stolen cards and use of proxy

12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I?ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.

iSpyCams · 07-27-2012, 10:50 AM

Quote:

Originally Posted by lucas131

where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join

i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?

CCbill's fraud protection has actually been fairly weak lately, IMO. I have had a rash of carders lately who seem to be looking for CCBill merchants to exploit, because they can sign up with a fake name and address and as long as the get the CCV code correct, ccbill will allow the transacion.

This way they can use women's credit cards and make it seem like the billing address and IP geolocation are closer than they are without getting busted too quick.

lucas131 · 07-27-2012, 12:13 PM

Quote:

Originally Posted by SplatterMaster

Don’t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP’s/Countries. Check your server logs and I’m sure you will find referrers from other sites like this.

12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I’ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.

thats it. ccbill have also some protection, and if you get some fresh ccs list, i doubt you will make 12 logins, it means to burn like 50 credit cards, for one site ...

venus · 07-27-2012, 12:21 PM

I have been using password software for about 13 years, I use password sentry...very good stuff

Quote:

Originally Posted by SplatterMaster

Don?t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP?s/Countries. Check your server logs and I?m sure you will find referrers from other sites like this.

12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I?ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.

venus · 07-27-2012, 12:23 PM

yes they will, its called a chargeback...not what I want..I have a merchant account so I pay like 25 or 35$ per chargeback

Quote:

Originally Posted by potter

The credit card companies will issue the refund regardless.

venus · 07-27-2012, 12:23 PM

bet they are on this guys site also

Quote:

Originally Posted by gleem

hey, I had the same thing happen this week. Four signups in a row from the same mexican IP address but different names and logins:
http://whois.domaintools.com/189.180.168.178

venus · 07-27-2012, 12:24 PM

I dont use ccbill, I have a merchant account through netbilling

Quote:

Originally Posted by lucas131

where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join

i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?

venus · 07-27-2012, 12:28 PM

2 hours after the memberships were made I downloaded and viewed my log files, viewing the IP addresses of the accounts made, none of the ip addresses had entered the members area, he made the passwords, then probably ran off to make more at other sites so he could post them on his site..seems like an easy way to get working passwords for his site so he can sell access to them...someones credit cards were used to make these memberships, I have the receipts for them, and I forwarded it all to the FBI

Quote:

Originally Posted by lucas131

are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ...

07-26-2012, 09:51 PM	#1
venus Confirmed User Industry Role: Join Date: Jan 2003 Location: Phoenix, Az Posts: 3,112	this site is worse then tubes and typical password sites Ok, usually you dont find out who is really using stolen credit cards on your site, but I did, by mistake. last week I had 12 signups come in at the exact same time, all saying they were from mexico, but the host name in the receipt were all different and all from hosting companies around the US. Incase people dont know how the scam works, this is also used by affiliates who are trying to rip off the programs, they get a cheap account at a hosting company, then they telnet in or use some script to join websites, the receipt shows the Ip address/host name of the person joining and for these guys its a hosting site. I killed the passwords acouple of hours after the guy bought them. Anyway, 2 days ago I got an alert from google about a search for my site pointing to ---------- Web 1 new result for landofvenus Landofvenus.com - Page 5 http://members.landofvenus.com/members/members.html. http://www.netsploiterworld.org/foro...d.php?3785...p... -------- so I went there and guess what I found, the passwords that were made with the stolen cards...the guy had 3 posted in the free area and said the rest were in a VIP area and to join to get the rest... so watch out for this site, I have emailed moneybookers and paypal to try and get his money sources closed, hopefulyl others will be able to report this guy also, but this is just a blantant attempt to rip people off and use stolen cards... worse type of site out there! __________________ Muscle/Fitness Adult Affiliate Program Since 1997 www.venuscash.com

07-26-2012, 10:23 PM	#2
shake frc Industry Role: Join Date: Jul 2003 Location: Bitcoin wallet Posts: 4,663	Thanks for the tip, good to be on the ball watching hostnames like that. __________________ Crazy fast VPS for $10 a month. Try with $20 free credit

07-27-2012, 06:59 AM	#9
gleem Confirmed User Industry Role: Join Date: Jun 2001 Location: Sunny Land Posts: 5,593	hey, I had the same thing happen this week. Four signups in a row from the same mexican IP address but different names and logins: http://whois.domaintools.com/189.180.168.178 __________________ Contact me: \\// E: webmaster /at/ unprofessional.com

07-27-2012, 01:02 AM	#5
lucas131 ¯\_(ツ)_/¯ Industry Role: Join Date: Aug 2004 Posts: 11,475	are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ...