Hackers using File Lockers to Exfiltrate Stolen Credit Card numbers

Piracy isn’t the only illegal activity taking place on file lockers. Recent research has demonstrated that hackers are using file lockers and streaming sites to exfiltrate stolen credit card numbers and other stolen data from their targets.

In a recent article published at Dark Reading, the methods used by hackers to exfiltrate data via video streaming sites were examined in detail. However this activity also takes place on file lockers.

Hackers who have stolen credit card, financial or other data need a way to exfiltrate that data without revealing their final destination for the data. So in a clever manoeuvre the hackers will embed stolen data into regular movie files and then upload them onto file locker services. Then once the data is in place, the hackers will then exfiltrate that data just as a normal file locker user would download files. Once the data has been retrieved the original files are deleted from the file locker.

[Read more...]

Yonzy: All Payment Processing Terminated

Recently we discussed a new file locker called Yonzy. This site hosted copyright infringing content and was owned by IMGAH.COM owner Jesse Grandbois.

The site now has no forms of payment processing as both Payza and Skrill have intervened to close this merchant’s accounts.

Moneybookers com

Screen Shot 2014 09 09 at 6 01 15 am

We’ll keep a close eye on this site and act quickly if new payment processing methods are added.

Yonzy. New file locker linked to Imgah.com

Yonzy is a new file locker which launched just a few days ago. The file locker has announced it’s presence to the pirates and thieves on WJunction.

Yonzy wjunction offer

Like most file lockers we have investigated, Yonzy offers paid rewards to uploaders of content. They pay uploaders a commission upon a signup to the file locker and also pay up to $13.00 per 1000 downloads that a file receives.

What we have found is that the image hosting site Imgah.com now redirects to Yonzy.com

Yonzy links

[Read more...]

Oboom: Bestiality still being made available – Pay by Visa or Mastercard

OBoom is still selling a virtual mountain of extreme and sick pornography from it’s website. There is an endless supply of bestiality content made available.

Just yesterday we posted about the huge amount of extreme and potentially illegal content available on OBoom. Since then nothing has changed. In fact we’re finding more of it.

OBOOM com  keep your moments on file

OBoom is a site which needs to be shut down, it’s obviously out of control with huge amounts of extreme and potentially illegal content present on the site. There are no controls in place, anyone can upload anything and they get paid to do so. OBoom pays it’s uploaders as much as 60 Euros per 1000 download or 95% of each sale their download generates.

[Read more...]

Resellers: Providing Access to Illegal File Lockers

Many file lockers that lose, or risk losing direct payment processing turn to resellers in order to bypass restrictions placed on their direct payment processing.

One such site is VIP-KEYS.COM which is processing payments for dozens of file lockers, many of which have lost direct payment processing methods.

Premium Accounts

Time is running out for resellers as we refine our understanding of their business processes and seek to mitigate their ability to process payments.

VIP-KEYS.COM use a Russian bank to process Visa and Mastercard and it’s is likely that either an arrangement has been made with that bank or that the bank is unaware of the true nature of the business it is processing credit cards for.

We are working through the vast networks of resellers and slowly knocking them out as options for sites like FileOM which lost all of it’s direct payment processing two weeks ago.

FileOM: Full of Pirated Webcam Videos

There are many sites dedicated to providing live webcam shows to men who pay to watch women perform certain sexual acts, or even just chat online.

These cam performers often work on sites which geoblock their own countries and work using aliases so that their true identity is kept as private as possible.

There is a great demand for copies of videos of these performances and many cam sites sell these to their customers, however like everything else in demand, the pirate file lockers cash in on this popularity and make tens of thousands of cam performance videos available, usually in exchange for a paid membership

One serious offender in this space is FileOM.com, a problematic file locker which we would consider one of our highest priority targets.

[Read more...]

UltraMegaBit & Rudy Corella – Selling Pirated Porn

Rudy Corella, recently fined by the State of Washington for misleading and deceptive practices, is still at it.

He continues to profit from copyright infringing content, selling access to pirated porn from his UltraMegaBit file locker service.

Obviously his credit card processing falls into the high risk category, so we’ll be doing what we can to bring this issue to the attention of his bank and his credit card processor and acquirer.

0a1ce7ddeb6d2337a49dc32922eb8f7b

We’ve detected thousands of instances of copyright infringing pornographic material being distributed on UltraMegaBit.

[Read more...]