Carding. Introduction.

Carder

Professional
Messages
2,616
Reaction score
1,934
Points
113
Carding is just a type of fraud with bank cards without the knowledge of their owner. And the key issue here is not access to data at all, as it might seem, but how to use it later. There are several types of carding:

Stuff Carding. The most common and popular method is that something is purchased in online stores using these cards with a balance, after which the goods are resold for a fraction of the amount. This scheme is quite easily scalable and allows you to get a very good income, but it requires preparation for implementation.

Online Carding. The money from the victim's card is simply transferred to your accounts or bank accounts. However, due to a number of technical aspects, it is impossible to transfer money directly - as a result, one has to look for workarounds to “launder” the received funds.

Offline Carding. The most difficult method to implement is to create a duplicate of a bank card, after which the contents are removed from it either through ATMs, or, again, through the purchase of goods in stores.

Selling data. You yourself get access to information about bank cards in various ways, and then sell them on carding forums.
I think it has already become obvious to you that such an activity is not at all a "money" button. In order to receive a serious income, you will have to invest a lot of time and effort, and, moreover, have some starting capital. At the same time, it is far from the fact that everything will work out from the first, second, fifth time - many factors can lead to unsuccessful attempts, which will only bring a decline.

“But this is illegal activity, they will find me and jail me!” - you might think. Yes, if your turnover is already thousands of dollars, and you are not concerned with your own safety, then problems with the law may arise. But if you deliberately approach your own anonymity, correctly build the entire chain of actions in the scheme and not make mistakes, then the risks are reduced to almost zero.

Do you need any special knowledge, deep understanding of the system, or social engineering skill? No. A clear understanding of the basics of the area in which you are working is enough. Nevertheless, the more related topics you understand, the better - new ways of implementing various schemes will simply be opened for you.

So, let's summarize. Can you really make money on carding? Yes. Is it possible to get easy money this way without doing almost anything? No. Is it difficult to understand this topic? No, just persistence is enough.

What is carding or what is relevant in 2020

Foreword. So that there was an idea of carding as a whole.

Personally, I have been hanging out in the shadow sphere for several years, as it is customary to say now. To be more precise, I mostly consider myself a carder. I have seen enchanting ups and downs, big money, various insider insights, loud scams among “friends”, hypes out of thin air, even creativity or perversion in one form or another in relation to someone or something from the dark theme. But now, perhaps, not about me. Let's talk about the real world and essential things, what is relevant? where is the hype? where are the grandmas still spinning? on the other side of the monitor ...

So, let's start with the fact that, at the moment, there are many ramifications in online carding, from banal carding someone else's credit card of an American for $ 7-12 to auto refills from bank botnets with a financial turnover of $ 300,000-400,000 / month. I will try to touch on the hottest topics that everyone is discussing around like that at the moment, but it is not always clear to the end how it works for beginners, in one area or another, and even if they have vast experience behind them.

The first thing I would like to tell you about carding "brute" accounts of various stores, a rather monotonous activity, but having a significant reason for profit, given the degree of zadrochnost your office. What are brute accounts, this is the personal account of the site user, for example, ebay.com or amazon.com. Before you start googling what it is and what it is eaten with, it is worth considering one significant point, namely: the more famous the domain, those site - the more likely it is that with your little experience it is unlikely that anything can be done at all, unfortunately, the harsh reality ... If you try yourself, then only on any low-fraud sites - of which there are very, very many, you just need to show your imagination. And how to get brute accounts is already a completely different story, but in short I will say that - it is taken: encoder + server + good bases of format email:password, long list of proxies = brute accounts.

98b5c052-2452-4804-be1c-8ea601324e08.png


The second thing they work with most often at the moment is the logs from the stealers. How it works: There are various malware programs that are distributed by traffic arbitrage, or through install exchanges, a more advanced class of young hackers. As a result, we have to buy the data of someone else's computer in the form of a neat archived file that carries a number of information, including cookies from the browser and logins passwords from the owner of the pc. It is more pleasant to work with such material for a number of reasons, one of which is that you can deceive fraud (security / protection system) by posing as the real owner of the log - your loved one. But there is also a significant disadvantage of this material, it is its availability and price. Not always our valiant hucksters trade good material passing it off as unique, at a price of $ 10 for one Log. And I almost forgot for one more minus, namely that it is quite problematic to make such material yourself, and hemorrhoids are an occupation that requires certain skills and experience.

cbcc6972-a2e1-4271-b8e3-1101f3f0031b.png


Third, it's not everyone's favorite PayPal trash. If you are a beginner and do not know what it is, I advise you to read the articles on our carding forum. Being in a frenzy while working with the so-called "Paypal", I noticed a pattern that those people who are not the first day in the subject, and the longer they work with this payment aggregator, have more and more money from it. And newcomers, who have come back to the PayPal, quit before starting. On my own behalf, the seeker will always find - this is an iron rule that you need to adhere to 24/7.

224e49c8-d0a4-46d8-8983-dd8af9371f54.png


Next I would like to tell you about such a direction as ACH

ACH is the most popular way to transfer money in the United States. If an American receives a Direct Deposit salary, then this is done through ACH. If an American sets monthly payments to his insurance company, then they also go through ACH. If he wants to transfer part of the money from his current account to a brokerage account or to a trading company, then the funds will also go through ACH. Anyway, all the Bill Pay that the average American makes at least a dozen every month go through the ACH. ACH is wherever there is cash flow.

At the moment, the most frequent thing that carders come to most often is the search for their personal office-laying or the search for a method to cash out the usa banks. Conditionally: he brought money to the site, went through a ton of verifs, scrolled the funds on the site, withdrew to his bank. This is just a very short description. In fact, there are so many nuances that sometimes it takes months to find such gaskets. Yes, and the material at the moment is still pretty hard to get, and if possible, then the horse price tag of a grief-huckster leaves much to be desired. It is even more difficult to get such material yourself, the brute + server method is used, but there is such a nuance - this is that these are BANKS and be healthy there for protection. Somewhere less, somewhere more, but in general, the task of obtaining bank accounts is not an easy task. But the profits here are completely different and very serious.

65489576-926c-4329-aa56-9ec4f83785aa.png


Well, in conclusion, I want to tell you about such a direction as Botnets. This is definitely one of the most difficult areas in the shadow business. In order to get into this whole story with a bot, you will need to study a ton of material, just stupidly in order to understand how it works and what depends on what. There are so many terms in this topic that when you and your friend talk about the topic of botnets, you can not hide your conversation from outsiders, no one will understand you anyway, it's like conducting a dialogue in Chinese.

The most juicy topic of this trend is the final material that you get at the end. Passing a mountain of information about what it is, you only need to know one thing: hVNC - in short, it is a kind of module through which you can remotely and secretly connect to the PC of a random user, having previously infected him with a Trojan spyware. What is the juice, you ask? It's simple, you = the real owner of the browser / ip address / dns / pc hardware. Accordingly, any security system perceives you as the real owner of, for example, a bank account, or an Amazon account, or a trader's account on one of the largest investment fund platforms. Few? - and if I say that sms are also hijacked, but this is a completely separate topic. Those you have already imagined a picture of the possibilities of such material. A separate conversation is the topic of settings, those methods of getting yourself those bots, but we'll talk about this later.

070a229c-6c84-4354-b6c8-680cb5427d91.png


Such pies!
 
Last edited by a moderator:
Top