| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: zorkshin at tampabay.rr.com (Justin Shin) Subject: credit card numbers carding is still very much the same as it was 10 years ago, before online shopping kicked off. basically its a ring of losers who dig in the trash cans, use deceptive web pages (ie fake logins for paypal, ebay, etc.), steal numbers from cc vendors databases, and then trade them off because they are too much of pussies to actually try to use any of them... for example if you ever visit an irc carding room or a carding newsgroup its all the same: Thrash1: i have 10 gazillion ccs w/cvv2 and full info, selling for $25 each Thrash2: huh, i dont understand. how do u use these credit cards online Thrash3: newbie, get out, go screw yourself Thrash2: whats cvv2 Although it can be a serious problem carding remains largely the same deal as before. The best thing online vendors can do is to encrypt cc information as well as any accounts tied to those numbers (ie user/pass) in case another one of those 0day shopping cart sploits come out. Another thing they can do is to delete cc info after "x" days or just not store it at all ... after all, doesn't that eliminate the problem all together? Also, sorry about the stupid vacation message. I got about 20 million emails that said something along the lines of: >Its July, dipshit. :) -- Justin Shin
Powered by blists - more mailing lists