RealTime IT News

Hackers Arrested for E-Commerce Site Break-ins

Police in Wales have arrested Curador, a hacker suspected of stealing thousands of credit cards from nine e-commerce sites and posted many of them on the Web.

The FBI's National Infrastructure Protection Center confirmed Friday that Welsh police have taken into custody two 18-year-old men, both residents of Dyfed-Powsys, Wales and presumed to be Curador and his associate. The names of the men have not yet been released.

Curador and his accomplice are expected to be charged under Britain's Computer Misuse Act for the theft of more than 26,000 credit card numbers. The two also will be charged for fraudulent use of the cards. Curador and his accomplice allegedly rang up several dozen online purchases using stolen cards, many of the charges exceeding $2,000. Details of the possible sentences facing the suspects were not immediately available. The two men may also face prosecution in the United States.

As first reported by InternetNews.com, Curador hit his first victim, an online shop called shoppingthailand.com, in late January. Shortly thereafter, he posted 1,000 credit card numbers and other customer data at a personal Web site at Xoom.com, the Web homesteading site. Curador, who called himself "the custodian of ecommerce," claimed to have taken 5,000 cards from the etailer, and boasted that he had exploited insecurities in Microsoft's Web server software. A mirror of that site is available here.

In subsequent weeks, Curador broke into eight other small online sites around the world, and each time posted some of the stolen cards at a series of personal sites. The victims, in order, include promobility.net, ltamedia.com, ascp.org, ntd.co.uk, visioncomputers.com, salesgate.com, and feelgoodfalls.com. Losses to the sites are estimated to exceed $3 million.

According to Chris Davis, a security expert with consulting firm, TygerTeam which investigated the break-ins on behalf of some of the victims, Curador apparently used a homemade script to scan the Internet looking for sites which were vulnerable to two widely-known security holes in Microsoft's Internet Information server. After finding a vulnerable site, Curador would browse the site's database files to see if it was storing credit cards and other customer records unencrypted on its Web server -- a practice frowned upon by security experts.

Last month, Curador apparently used one of the stolen credit cards to register the domain and set up a site at e-crackerce.com, where he displayed the stolen cards and posted rants about the poor state of security at e-commerce sites. After that site was shut down by the ISP, Curador set up shop at free-creditcards.com, also apparently registered using a stolen credit card.

In an interview with InternetNews Radio on March 8th, Curador revealed that he also registered the domain curador.com and displayed the stolen cards there. A look-up on that domain revealed that it was registered to a company called Fibres Solutions in Swansea, Wales.

During the interview, Curador taunted police, saying he didn't think they would be ever able to catch him.

In an interview with InternetNews Friday, Michael Vatis, director of the FBI's NPIC, said, "Computer crime investigations are difficult and resource intensive, but anyone who underestimates the skills and tenacity of our agents does so at his own peril."

Vatis said law enforcement officials from the US and Canada also contributed to the arrest, as did security consulting firms.

"This case demonstrates that cyber criminals can not hide behind international boundaries to escape justice," said Vatis.

The FBI has come under fire recently for its difficulties tracking down the perpetratorsof th