03-17-2014 10:40 AM
Rescator, a popular underground website that sells payment card data, has been hacked and defaced. Rescator has been selling the card data stolen from US retailers Target and Sally Beauty.
Brian Krebs has been the first to notice that Rescator(dot)so is hacked.
“Hi subhumans and miscreants, your fraud site is gone now. Go away. Also, Krebs, please dont call me a punk on **bleep**ter: im trying to be a good person ,” the hacker wrote on the defaced page.
“To all the people who used this service to blackmail and threaten and ‘dox’ people's families: [expletive] you especially. To the ‘regular’ fraudsters: [expletive] you too but slightly less. To Cloudflare: why in a billion 6000-degree hells is your NS TTL 80000?”
In addition to the message, a YouTube video of Will Smith’s Men in Black is also displayed on the site’s homepage.
Brian Krebs has been monitoring the activities of Rescator, previously hosted on rescator(dot)la. The site is being run by an individual using the online moniker Rescator. He’s believed to be operating several other online shops that sell stolen credit and debit card data.
Rescator could be a Ukrainian individual named Andrey Hodirevski from Illichivsk. It’s uncertain if he’s involved in hacking as well or if he’s only selling information stolen by others on his underground websites.
At the time of writing, the Rescator website is still defaced.
Helpful Webroot Links: