Curador Taunts Police Over Site Break-Ins

Curador, the cracker who has stolen credit cards from at least eight small
e-commerce sites and then posted them online, is growing more brazen by the

In an interview with InternetNews Wednesday, Curador claimed he has hit five
new Web firms and will soon publish hundreds more stolen credit card numbers
at a new site, which he said he registered using one of the stolen cards.

“Law enforcement couldn’t hack their way out of a wet paper bag. They’re
people who get paid to do nothing. They never actually catch anybody,” said

After hitting his first site, Shopping Thailand, on Jan.
31, Curador has so far eluded arrest. In February, Curador stole and
posted credit cards from mobile phone provider ProMobility, LTAmedia, a self-improvement products site, and the homepage of the American Society of Clinical Pathologists. Curador’s most recent victims include NTD, a Web development firm in the U.K., Vision Computers, a computer
retailer, as well as Sales Gate, an
ecommerce portal, and online herbalist Feelgood Falls.

Using a stolen card, Curador set up a site at in late
February where he posted several thousand of the purloined card numbers.
That site was soon shut down by the hosting company. A few days ago, Curador
re-emerged at, also apparently registered using one of
his victim’s credit cards. That site has also been disabled.

To publicize his latest site, Curador said he has created an animated ad
banner and signed up for the Microsoft Banner Network, which
will display Curador’s banner at participating Web sites.

“The banner says, ‘Find out exactly what you can do if you have Microsoft
IIS Web server and ecommerce.’ And if you click on it it’ll take you right
to my site,” said Curador.

Curador has admitted to targeting Windows NT systems in his previous
break-ins, using a known vulnerability in a feature called RDS, which was
first publicized by
a security consultant who goes by the hacker nickname of Rain Forest Puppy.
But Curador now says he’s turned his attention to Unix servers, and claims
to have captured encrypted password files that he is attempting to crack.

“Unix is harder, but I want some more interesting targets. It’s too easy to
do Windows and I can’t be bothered any more.”

Chris Davis, a security expert with Tyger
Team Consultants
in Ottawa, Ontario, which has been retained by several
of Curador’s victim sites, said the cracker’s decision to target UNIX
machines will make him easier to track down.

“I’m laughing all the way to the court house, because Unix logs much better
than NT. Any time he sends a packet to a Unix machine it’s going to be
logged somewhere, and that’s going to make our job easier,” said Davis.

Claiming to be a Webmaster for an ecommerce company, Curador has said his
goal is to wake up sites about their security vulnerabilities. But when
asked Wednesday whether he feels any remorse toward the people whose cards
he has stolen, Curador was unapologetic.

“It’s just their tough luck. It’s not my fault that the site (was insecure).
If I didn’t do it, somebody else would have and not advertised it,” said

Davis admitted law enforcement agencies have been frustratingly slow in
investigating the case, but he is confident that Curador’s crime spree will
soon come to an end.

“He’s not as bright as he thinks he is. I coul

d be underestimating him, but
I really doubt it. In a combined effort, we are far better at what we do
than this guy is, and I can’t wait to see the look on this guy’s face when
he gets arrested.”

News Around the Web