In the underground world of cybercrime, carders are increasingly leveraging sophisticated malware known as “stealers.” These tools harvest sensitive data from victims, enabling carders to monetize stolen information effectively. In this thread, we will explore real-life case studies where stealers have been used, the techniques employed by cybercriminals, and the various methods they utilize to profit from stolen data.
What are Stealers?
Stealers are a type of malware specifically designed to extract sensitive information from infected devices. They can capture a range of data, including:
- Credit card information
- Login credentials for online banking, e-commerce sites, and other platforms
- Browser cookies and stored passwords
- System information that can aid further exploits
Stealers can be deployed in various ways—through phishing emails, malicious downloads, or compromised websites—making them a versatile tool for cybercriminals.
Real-Life Cases of Stealer Usage
2. The MegaCortex Ransomware Incident
While primarily known as ransomware, MegaCortex also included features to extract sensitive information from the infected systems. This dual functionality provided carders with the ability to exploit financial information during the ransom process.
- Tactics Used: After infecting machines, MegaCortex would search for saved credit card information and logins. Attackers then leveraged this data to extort victims further, demanding payment in cryptocurrency for not leaking sensitive data.
- Monetization: Data harvested was sold to other hackers or leveraged to charge additional ransoms based on the value of the stolen information.
How Carders Make Money from Stealer Data
- Selling Data on Dark Web Markets
  Hackers frequently use dark web platforms to sell stolen databases. Popular marketplaces include:
  - CRDPRO.cc
  - Empire Market
  - Silk Road 3.0
  - Dream Market (though now defunct, legacy markets still exist)

  The price of stolen data can vary depending on the quality and type of information. Bulk personal data can range from $100 to several thousand dollars.
- Using Stolen Credentials Directly
  Many carders use stolen credentials to conduct fraudulent activity directly. Common methods include:
  - Purchasing Goods Online: Using stolen credit card details to buy high-demand electronics, fashion, or other goods for resale.
  - Account Takeover: Gaining access to victims' online accounts to drain funds or purchase items with the victim’s payment information.
- Creating Phishing Kits
  Some carders utilize stolen data to create sophisticated phishing kits aimed at collectively targeting other users. They launch phishing campaigns to extract further information or steal more credentials.
- Ransomware Deployment
  With access to sensitive data, cybercriminals can threaten victims through ransomware attacks, demanding payment for data restoration or security.
- Money Laundering Through Cryptocurrency
  Carders frequently use cryptocurrencies to launder stolen funds. By converting stolen money into various cryptocurrencies, they obscure the trail back to their original crime.