To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
On 2007-07-05 16:58+0000, Jon O. wrote:
----- Forwarded message from Paul Ferguson <[EMAIL PROTECTED]> -----
From: Paul Ferguson <[EMAIL PROTECTED]>
Date: Thu, 5 Jul 2007 21:05:09 GMT
To: [EMAIL PROTECTED]
Subject: [funsec] U.K. Case Shows Link Between Online Fraud and Jihadist
Networks
Brian Krebs writes in The Washington Post:
[snip]
Investigators say Spence's stolen data made its way via the Internet black
market for stolen identities to 21-year-old biochemistry student Tariq
al-Daour, one of three U.K. residents who pleaded guilty this week to a
terrorism charge of using the Internet to incite murder.
[snip]
You all might want to take a look at some of the court transcripts for
these bad guys (when they aren't in a Bush shadow court) -- the Feds
often get laptops and describe what's on them.
Also, let me suggest a book regarding terrorists and the Internet -- some
people have been researching this stuff and using it to take down terrorists:
http://www.amazon.com/exec/obidos/tg/detail/-/1840189789/ref=pd_sl_aw_alx-jeb-9-1_book_16271185_2
You know how Al-jazeera gets all those "new" al-qaeda videos that
get released? Or how one of the guys posted a message about the
London bombing before it actually took place.
Well, you can usually find those on the sites listed below. These are not
I used to run security for .gov.il :P
"cyber-terror" sites as someone called them (interested in messing with
computers) --
these are the real deal.
http://hewar.khayma.com/
http://shareah.bravehost.com/flash.html
http://albasrah.net/
[take a look at the attachments/files posted on these and you'll get the
picture]
Lastly, regarding carding and terror, here's something from a paper I wrote in
2003:
During a particular investigation, more than 17,000 credit card numbers were
verified in the span of 72 hours. Of the verifications witnessed, over 9,000 of
these cards were reported valid and each billed one penny. However, the carder
is not after the penny, rather they are ensuring the card is valid for later use in a
fraudulent transaction. Furthermore, many verifications may have been taking
place in the IRC channel as private queries to the bot and would not be sent as
public responses to the entire channel.
Disturbingly, many of the authorization bots are hosted on machines in Jordan,
Pakistan, and Kuwait. Three addresses, for example, could be traced to a single
office building in Kuwait and another address to the Kuwait Ministry of Finance.
Recently, the Washington Post reported Al-qaeda is moving to the Internet [3] .
while in fact, they have been digitized and online for quite some time. Terror
suspects are being arrested with carding information, credit card numbers and
hacking information.
In a complaint filed against Ali Saleh Kahlah Al-Marri an FBI agent relates
specific information recovered from the suspect's laptop [4]. This information
includes:
Paper documents containing: 36 credit card numbers, names of the
account holders, the card type (Visa, Mastercard, etc.), and expiration
dates
Computer files containing an aggregate of over approximately 1,000 credit
card numbers
Internet bookmarks relating to: computer hacking, fake driver's licenses,
buying and selling credit card numbers (Carding), and processing credit
card transactions
In that same complaint, you will notice Al-Marri was found to have placed calls to
the same phone number in the UAE as used by Muhammad Atta -- it would seem
Al-Marri has some significant connections.
[4] COMPLAINT: Violations of 18 U.S.C. ?? 1001, 1014 & 1028; MICHAEL G.
McGOVERN/JONATHAN S. KOLODNER, Assistant United States Attorneys
<<http://news.findlaw.com/hdocs/docs/terrorism/usalmarri1202cmp.html>>
--
--
"beepbeep it, i leave work, stop reading sec lists and im still hearing
gadi"
- HD Moore to Gadi Evron on IM, on Gadi's interview on npr, March 2007.
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets