RealTime IT News

Curador Taunts Police Over Site Break-Ins

Curador, the cracker who has stolen credit cards from at least eight small e-commerce sites and then posted them online, is growing more brazen by the minute.

In an interview with InternetNews Wednesday, Curador claimed he has hit five new Web firms and will soon publish hundreds more stolen credit card numbers at a new site, which he said he registered using one of the stolen cards.

"Law enforcement couldn't hack their way out of a wet paper bag. They're people who get paid to do nothing. They never actually catch anybody," said Curador.

After hitting his first site, Shopping Thailand, on Jan. 31, Curador has so far eluded arrest. In February, Curador stole and posted credit cards from mobile phone provider ProMobility, LTAmedia, a self-improvement products site, and the homepage of the American Society of Clinical Pathologists. Curador's most recent victims include NTD, a Web development firm in the U.K., Vision Computers, a computer retailer, as well as Sales Gate, an ecommerce portal, and online herbalist Feelgood Falls.

Using a stolen card, Curador set up a site at e-crackerce.com in late February where he posted several thousand of the purloined card numbers. That site was soon shut down by the hosting company. A few days ago, Curador re-emerged at free-creditcard.com, also apparently registered using one of his victim's credit cards. That site has also been disabled.

To publicize his latest site, Curador said he has created an animated ad banner and signed up for the Microsoft Banner Network, which will display Curador's banner at participating Web sites.

"The banner says, 'Find out exactly what you can do if you have Microsoft IIS Web server and ecommerce.' And if you click on it it'll take you right to my site," said Curador.

Curador has admitted to targeting Windows NT systems in his previous break-ins, using a known vulnerability in a feature called RDS, which was first publicized by a security consultant who goes by the hacker nickname of Rain Forest Puppy. But Curador now says he's turned his attention to Unix servers, and claims to have captured encrypted password files that he is attempting to crack.

"Unix is harder, but I want some more interesting targets. It's too easy to do Windows and I can't be bothered any more."

Chris Davis, a security expert with Tyger Team Consultants in Ottawa, Ontario, which has been retained by several of Curador's victim sites, said the cracker's decision to target UNIX machines will make him easier to track down.

"I'm laughing all the way to the court house, because Unix logs much better than NT. Any time he sends a packet to a Unix machine it's going to be logged somewhere, and that's going to make our job easier," said Davis.

Claiming to be a Webmaster for an ecommerce company, Curador has said his goal is to wake up sites about their security vulnerabilities. But when asked Wednesday whether he feels any remorse toward the people whose cards he has stolen, Curador was unapologetic.

"It's just their tough luck. It's not my fault that the site (was insecure). If I didn't do it, somebody else would have and not advertised it," said Curador.

Davis admitted law enforcement agencies have been frustratingly slow in investigating the case, but he is confident that Curador's crime spree will soon come to an end.

"He's not as bright as he thinks he is. I coul