GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   this site is worse then tubes and typical password sites (https://gfy.com/showthread.php?t=1076048)

venus 07-26-2012 09:51 PM

this site is worse then tubes and typical password sites
 
Ok, usually you dont find out who is really using stolen credit cards on your site, but I did, by mistake.

last week I had 12 signups come in at the exact same time, all saying they were from mexico, but the host name in the receipt were all different and all from hosting companies around the US. Incase people dont know how the scam works, this is also used by affiliates who are trying to rip off the programs, they get a cheap account at a hosting company, then they telnet in or use some script to join websites, the receipt shows the Ip address/host name of the person joining and for these guys its a hosting site. I killed the passwords acouple of hours after the guy bought them.

Anyway, 2 days ago I got an alert from google about a search for my site pointing to

----------
Web 1 new result for landofvenus

Landofvenus.com - Page 5
http://members.landofvenus.com/members/members.html.
http://www.netsploiterworld.org/foro...d.php?3785...p...
--------

so I went there and guess what I found, the passwords that were made with the stolen cards...the guy had 3 posted in the free area and said the rest were in a VIP area and to join to get the rest...

so watch out for this site, I have emailed moneybookers and paypal to try and get his money sources closed, hopefulyl others will be able to report this guy also, but this is just a blantant attempt to rip people off and use stolen cards... worse type of site out there!

shake 07-26-2012 10:23 PM

Thanks for the tip, good to be on the ball watching hostnames like that.

vdbucks 07-26-2012 10:40 PM

Quote:

Originally Posted by venus (Post 19083298)
Ok, usually you dont find out who is really using stolen credit cards on your site, but I did, by mistake.

last week I had 12 signups come in at the exact same time, all saying they were from mexico, but the host name in the receipt were all different and all from hosting companies around the US. Incase people dont know how the scam works, this is also used by affiliates who are trying to rip off the programs, they get a cheap account at a hosting company, then they telnet in or use some script to join websites, the receipt shows the Ip address/host name of the person joining and for these guys its a hosting site. I killed the passwords acouple of hours after the guy bought them.

Anyway, 2 days ago I got an alert from google about a search for my site pointing to

----------
Web 1 new result for landofvenus

Landofvenus.com - Page 5
http://members.landofvenus.com/members/members.html.
http://www.netsploiterworld.org/foro...d.php?3785...p...
--------

so I went there and guess what I found, the passwords that were made with the stolen cards...the guy had 3 posted in the free area and said the rest were in a VIP area and to join to get the rest...

so watch out for this site, I have emailed moneybookers and paypal to try and get his money sources closed, hopefulyl others will be able to report this guy also, but this is just a blantant attempt to rip people off and use stolen cards... worse type of site out there!

I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...

venus 07-26-2012 10:46 PM

you think....jeesh


Quote:

Originally Posted by vdbucks (Post 19083337)
I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...


lucas131 07-27-2012 01:02 AM

are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ... :2 cents:

SKUP 07-27-2012 01:18 AM

Quote:

Originally Posted by lucas131 (Post 19083459)
are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ... :2 cents:

Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

lucas131 07-27-2012 01:23 AM

Quote:

Originally Posted by SKUP (Post 19083478)
Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join :2 cents: i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?

halfpint 07-27-2012 01:24 AM

Quote:

Originally Posted by SKUP (Post 19083478)
Did you read that thread? I mean: 12 sign ups from Mexico at the same time coming from hosting companies all over the US. And the passwords showing up at the site.

What do you think he is "exploiting"?

no need to bite lucas's head off lol he does know a thing or two about exploits and hacking

anyway heres a bump for more views

gleem 07-27-2012 06:59 AM

hey, I had the same thing happen this week. Four signups in a row from the same mexican IP address but different names and logins:
http://whois.domaintools.com/189.180.168.178

potter 07-27-2012 07:00 AM

Quote:

Originally Posted by vdbucks (Post 19083337)
I hope you're issuing refunds to the victims of the stolen cards used... I mean, that's the legitimate way to go about handling these things; not just locking the passwords...

The credit card companies will issue the refund regardless. :2 cents:

SplatterMaster 07-27-2012 07:15 AM

Quote:

Originally Posted by venus (Post 19083298)
Anyway, 2 days ago I got an alert from google about a search for my site pointing to

Don?t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP?s/Countries. Check your server logs and I?m sure you will find referrers from other sites like this.

Quote:

Originally Posted by lucas131 (Post 19083487)
i doubt ccbill would allow use of stolen cards and use of proxy

12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I?ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.

iSpyCams 07-27-2012 10:50 AM

Quote:

Originally Posted by lucas131 (Post 19083487)
where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join :2 cents: i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?

CCbill's fraud protection has actually been fairly weak lately, IMO. I have had a rash of carders lately who seem to be looking for CCBill merchants to exploit, because they can sign up with a fake name and address and as long as the get the CCV code correct, ccbill will allow the transacion.

This way they can use women's credit cards and make it seem like the billing address and IP geolocation are closer than they are without getting busted too quick.

lucas131 07-27-2012 12:13 PM

Quote:

Originally Posted by SplatterMaster (Post 19083846)
Don’t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP’s/Countries. Check your server logs and I’m sure you will find referrers from other sites like this.



12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I’ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.

thats it. ccbill have also some protection, and if you get some fresh ccs list, i doubt you will make 12 logins, it means to burn like 50 credit cards, for one site ... :2 cents:

venus 07-27-2012 12:21 PM

I have been using password software for about 13 years, I use password sentry...very good stuff

Quote:

Originally Posted by SplatterMaster (Post 19083846)
Don?t count on Google to catch this kind of stuff. Check your server logs daily and catch it before it reaches that point. Install membership software that locks out users with multiple logins from different IPs/ISP?s/Countries. Check your server logs and I?m sure you will find referrers from other sites like this.



12 at one time is kinda strange. But I can assure you stolen CC and user on a proxy gets through. I?ve seen some strange shit in CCBill site logs when one is trying to get through. 5 or 6 signup attempts within minutes of each other and 1 will get through while the others are rejected. CCBill is far from perfect at catching this kinda stuff.


venus 07-27-2012 12:23 PM

yes they will, its called a chargeback...not what I want..I have a merchant account so I pay like 25 or 35$ per chargeback

Quote:

Originally Posted by potter (Post 19083816)
The credit card companies will issue the refund regardless. :2 cents:


venus 07-27-2012 12:23 PM

bet they are on this guys site also

Quote:

Originally Posted by gleem (Post 19083811)
hey, I had the same thing happen this week. Four signups in a row from the same mexican IP address but different names and logins:
http://whois.domaintools.com/189.180.168.178


venus 07-27-2012 12:24 PM

I dont use ccbill, I have a merchant account through netbilling

Quote:

Originally Posted by lucas131 (Post 19083487)
where she said she got email from ccbill? she said she got signups. i doubt ccbill would allow use of stolen cards and use of proxy or telnet servers to join :2 cents: i may be wrong, maybe times changes. and still, why the hell would anyone use 12 stolen cards for one site? isnt one in public and one in vip section enough to get some people to signup for vip?


venus 07-27-2012 12:28 PM

2 hours after the memberships were made I downloaded and viewed my log files, viewing the IP addresses of the accounts made, none of the ip addresses had entered the members area, he made the passwords, then probably ran off to make more at other sites so he could post them on his site..seems like an easy way to get working passwords for his site so he can sell access to them...someones credit cards were used to make these memberships, I have the receipts for them, and I forwarded it all to the FBI

Quote:

Originally Posted by lucas131 (Post 19083459)
are you sure it is stolen credit cards? i know the site and i know he have been doing serious exploiting, i mean he is getting injections into your database, but no credit card is hurt. have you been contacted by any owner of the stolen cards? not backing up anyone, but maybe its time to check your site security ... :2 cents:



All times are GMT -7. The time now is 08:10 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123