Portrait of scary bandit with mask and hoodie try to take something
Interview with our newbie carder client
Talked with a carder recently via OTR Messaging.
Me: In which country/continent did you live? Z: Europe.
Me: Law about carding in your country are high? Z: yeah like everywhere else, I’m actually carding some stuff right now, as we speak.
Me: Did you fear to get caught? Z: Yes, everyone fears to get caught, its the worst that can happen to a carder, but as long as you use decent protection when you’re carding you should be safe.
Me: Which type of card did you use mainly? Z: Cards that are most rapidly used are cards like Amex Centurion/Platinum and cards that are non-avs and non-vbv platinum visa (non-address verification and non-verified by visa) Most carders enter on online shop and search for a specific bin (the first 6 numbers on the card) which identifies the card itself if its a Visa platinum without VBV. All Amex are also non-vbv which makes them very easy to use because sites that normally require verified by visa password or id chip wont ask for the information and you can buy whatever you want without having to worry about it. Non avs are also well known and used, these are cards that sites cannot look up the adress or the name on the card, so you can just enter whatever you want as long as the card number, exp date and cvv are correct. These cards are mainly outside the US, like Brazil, Australia, France and Italy etc…
Me: How did you get cards, did you use or have used malware/phishing tech? Z: Well the most common and easy way is to just purchase them at an online shop that sells cards, these shops usually have a ton of cards so you can just search for the bin you want and the state or even city. I’ve also hacked my own cards like many others but you should be very lucky to hit the jackpot to get as much variety as one of the shops. They are cheap and usually valid so that’s what most carders choose to do.
Me: What’s protection did you take when you card something? Z: I always use VPN + RDP + SOCKS. super-socks.com, vip72.com, you purchase it and you can have a period of time where u can choose socks wildly, all carders use them. People have viruses and the sites sell the socks installed on the victim’s computer you can choose the state, city, etc… You can never be safe, the best way is of course to use a hacked wifi + mac spoofing but the police are really busy nowadays at least in my country so a small case here and there are only going to be put in their archive and forgotten.
Me: Your neighbors was never suspicious about a UPS/FedEx car or the delivery guys who come each time? Z: Actually I don’t card to my own country because they all require VBV here, and I don’t feel safe to meet FedEx myself. As I said earlier I always put security first. Usually, I use drops in the United States which require 1:1 payment for receiving my package, which means I have to pay them one item of the same, same value as the one I ordered or pay them 20% of the original items value. Then they reship to my country without any complications.
Me: Did you get already requested by real-life friends to card something? Z: Yes many many times, but I usually denied to the card for others on the net or in real life because there is less profit in it and it’s a lot of work, talking with a drop, finding a credible site. I like to card items that got used of myself unless its some simple digital goods.
Me: What’s did you do with carded stuff, personal use? Z: As I said above, I only card items that I need myself. It’s very rare that I resell something unless its carded gift cards or digital goods.
Me: Wich type of things did you card? Z: I always card electronics. Computer parts, expensive laptops, Beats by Dr. Dre headset, Wifi antennas outdoor and stuff like that are my favorite as I bet many others share with me.
Me: Did you have an expensive car like in movies? Z: Haha I wish, no not in my lifetime, this is just for fun. I got a good job with a very good paycheck and I never plan to take carding that far as im doing quite alright already
Me: What’s the first thing you carded? Z: I carded steroids for 10K to my own address from my own IP and nothing ever happened. You should never do it like this.
Me: How did you start into carding and what’s motivating you to continue? Z: Well I first started carding when I was very young, at the age of 15. But I advanced after a while, and the last years I’ve been more and more fascinated by hacking, exploiting, insecurity for grabbing sensitive data. Then I got into underground forums and got into contact with people that I could learn from, and I found it as a very interesting subject. I don’t really need it but when you hit the goal it motivates you to continue. Its the same way with items, if you manage to card something and you get it as you want, you just can’t stop.
Me: Did you do this for a living? Z: I dont do this for a living as I know many other people do. I do it for fun and because i like to get stuff for free.
Me: Wich malware is the best for getting cards? Z: The most common software by carders and fraudsters are usually SpyEye and Zeus, Zeus is a bit outdated as the coder has discontinued his work on it. There’s also a new software called GameOver but I have never seen it in action yet. Zeus source is leaked and free so anyone can take advantage of it, same with SpyEye which is cracked and leaked to the public, thanks to X. (haha)