Site Aims To Be the "Google" of the Underweb

← Back to Stories (view on slashdot.org)

Site Aims To Be the "Google" of the Underweb

Posted by samzenpus on Wednesday January 18, 2012 @02:35PM from the best-of-the-bad dept.

tsu doh nimh writes "A new service in the cyber underground aims to be the Google search of underground Web sites, connecting buyers to a vast sea of shops that offer an array of dodgy goods and services, from stolen credit card numbers to identity information and anonymity tools. From the story: 'A glut of data breaches and stolen card numbers has spawned dozens of stores that sell the information. The trouble is that each shop requires users to create accounts and sign in before they can search for cards. Enter MegaSearch, which lets potential buyers discover which fraud shops hold the cards they're looking for without having to first create accounts at each store.'"

48 of 78 comments (clear)

Min score:

Reason:

Sort:

"Underweb" by bonch · 2012-01-18 14:35 · Score: 5, Insightful

"Cyber underground," ooh, scary. Clearly, the author of this article has never visited any onion indexing sites. Seriously though, f this is a publicly accessible web server, and the creator is working directly with fraud shops, it seems like it's only a matter of time before authorities find a way to catch him. Even just by arresting one of the shop owners who might flip.
1. Re:"Underweb" by stanlyb · 2012-01-18 14:36 · Score: 2
  
  unless they are operating under the cover of TOR....
2. Re:"Underweb" by bonch · 2012-01-18 15:15 · Score: 5, Informative
  
  Well, the site is publicly accessible at http://megasearch.cc./ The guy even has his Jabber contact up. It's actually kind of suspicious and makes me wonder if it's all a joke or honeypot.
3. Re:"Underweb" by Zamphatta · 2012-01-18 15:31 · Score: 5, Informative
  
  I thought the whole thing screams "honeypot". I doubt any of the experiences bad guys will fall for this... which means they'll catch a lot of newbies and people who otherwise wouldn't have tried this line of "work". I wonder if they could get in trouble for entrapment? Hmm. Interesting. Although, I could be totally wrong, I'd still definitely avoid the place like the plague if I was looking to buy or sell there.
4. Re:"Underweb" by oztiks · 2012-01-18 15:36 · Score: 1
  
  slashdotted
5. Re:"Underweb" by mhajicek · 2012-01-18 15:54 · Score: 5, Insightful
  
  There's no such thing as "entrapment" any more.
6. Re:"Underweb" by mapkinase · 2012-01-18 16:19 · Score: 1
  
  Sometimes I suspect that /. editors consciously flaming.
  
  --
  I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
7. Re:"Underweb" by mug+funky · 2012-01-18 17:20 · Score: 3, Interesting
  
  and the headlines would be full of "cyber gang busted" stories regardless.
  if you can only catch small fish, you'll shout to the heavens just how many you got.
8. Re:"Underweb" by q.kontinuum · 2012-01-18 20:45 · Score: 2
  
  If this is a honeypot, lets create some tinyurl links and post them on e.g. Foxnews website or something to give them some bees :-)
  (Disclaimer: This was a joke, not a real encouragement to do any dodgy stuff. If you can't tell the difference better stay out of the internet.)
  
  --
  Trolling is a art!
9. Re:"Underweb" by jez9999 · 2012-01-19 01:13 · Score: 2
  
  Fox news website? I thought you wanted to give them websites that WEREN'T connected to dodgy illegal activities.
  
  --
  == Jez ==
  Do you miss Firefox? Try Pale Moon.
10. Re:"Underweb" by TheNastyInThePasty · 2012-01-19 03:50 · Score: 1
  
  People don't understand what entrapment is. It's not an undercover cop going "Hey look, there's a nice gold watch over here that someone left, maybe you should take it." and then arresting you when you do. It's not illegal to provide an opportunity and then catch the criminal in the act. It IS illegal to say "Hey, go steal that guy's gold watch or I'll kill your whole family."
  See the difference? Read up on it http://en.wikipedia.org/wiki/Entrapment
  
  --
  The best thing about UDP jokes is I don't care if you get them or not
11. Re:"Underweb" by nurb432 · 2012-01-19 06:06 · Score: 1
  
  Especially when you had to go looking for the 'bad guy' in the first place.. its not like they drove up to your house and asked 'hey buddy, want to buy a virus?'
  
  --
  ---- Booth was a patriot ----
I saw the fed! by owenferguson · 2012-01-18 14:38 · Score: 4, Insightful

Honeypot much? Nice try, guys. Way to debut it at the end of the humpday protest cycle.
1. Re:I saw the fed! by msauve · 2012-01-18 15:32 · Score: 2
  
  I, for one, am happy to see that some secret US government agency can not only do their job, but make a profit doing so. What a great idea for working both sides!
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
2. Re:I saw the fed! by forkfail · 2012-01-18 15:37 · Score: 1
  
  And provide fodder for the pro-SOPA camp all at the same time... sigh...
  
  --
  Check your premises.
Re:Organized trolling campaign by GreatBunzinni by forkfail · 2012-01-18 14:41 · Score: 1

Not this shit again...

--
Check your premises.
FUCK, SPOTTED THE FED! by owenferguson · 2012-01-18 14:44 · Score: 1

So sue me, I never actually made it to DEFCON, and having been to Vegas, I hardly want to go back...
Ruining it for the rest of us. by nitehawk214 · 2012-01-18 14:49 · Score: 5, Insightful

Sites like this are why the general public thinks that laws like SOPA are ok.
Or let me put it another way, if you are creating a search engine for it... it isn't underground.

--
I'm a good cook. I'm a fantastic eater. - Steven Brust
1. Re:Ruining it for the rest of us. by Anonymous Coward · 2012-01-18 14:56 · Score: 4, Insightful
  
  Awful convenient timing for something like this to be a big story eh?
  I felt "left out" after reading about the glorious underground for about 5 seconds. Then I thought.... Who seeks that kind of shit out? nevermind
2. Re:Ruining it for the rest of us. by hey! · 2012-01-19 01:03 · Score: 2
  
  You know, that's actually an interesting point about SOPA.
  What this guy is doing is illegal under the RICO act, The problem is mechanism: how exactly would you use RICO to shut him down?
  Well, you'd start with an investigation. Unless the guy is a money laundering genius, you should be able to trace back from the infrastructure he uses (DNS, Internet access, server hosting) back to some kind of bank transaction that will reveal his identity.
  So what happens when you run into a block like a DNS service that keeps domains' admin and technical contacts secret? That's one of the things SOPA is supposed to address. Well, you get a court order. It's not really that difficult. The modicum of difficulty a warrant presents is a good thing. It discourages draconian actions based on frivolous claims.
  But what if the trail of evidence leads to another country? Then we're stuck.
  Still, we don't need a massive expansion of government regulatory powers or an attempt to impose our laws over foreign territories to deal with that. What we *really* need is some kind of cyber-crime treaty. It'd work like this: Country A detects somebody in country B that is illegal in both countries. The authorities in A contact the authorities in B, and B agrees to pursue the matter, taking regulatory and criminal law actions to shut down any enterprise that *is illegal according to its own laws*. This preserves the due-process barrier to frivolous claims.
  So what if B is not a signatory to the treaty? Then we *do* need to have a law which allows us to do some of the things outlined in SOPA, *subject to due process* and with a right of appeal.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
3. Re:Ruining it for the rest of us. by nitehawk214 · 2012-01-19 02:49 · Score: 2
  
  SOPA wont hurt organizations like this. If they cant fight him with standard laws, and they use SOPA to blast his site off the internet, it is trivial for him to emerge on a new domain at a new hosting site.
  In the meantime all the other customers of the hosting site will be removed from the internet. Collateral damage abound hurts everyone except and the intended target escapes with only a minor inconvenience.
  Granted I don't think Megasearch has any legal purposes, and they are qualifying themselves for an internet Darwin award by announcing their intent... but the government will for certain use this against sites and services that do have legal uses.
  
  --
  I'm a good cook. I'm a fantastic eater. - Steven Brust
mywot.com and malwarebytes blocked it! by Anonymous Coward · 2012-01-18 15:12 · Score: 5, Informative

Out of curiously, I tried to visit MegaSearch.cc.
1. My 1st block of the site: http://www.mywot.com/en/scorecard/megasearch.cc
2. My 2nd block of the site: My Malwarebytes stopped the site from loading.
I have no desire to visit this site but thought you guys may want to use my apps to help you keep out of trouble.
Just a thought...
Re:Honeypot Detected by ColdWetDog · 2012-01-18 15:17 · Score: 4, Funny

The last Google of stolen credit cards was run by the FBI.
Can't trust anybody any more. That's the last time I ever give my credit card number to an FBI agent.

--
Faster! Faster! Faster would be better!
Hipster hackers used undergound websites by Anonymous Coward · 2012-01-18 15:32 · Score: 1

... before they were searchable.
IT'S A CONSPIRACY by Anonymous Coward · 2012-01-18 16:12 · Score: 3, Insightful

Funny that this should surface NOW, right before SOPA is voted on.....I smell a conspiracy....Seriously we need another word for conspiracy, mere mention of the word and people think your stark raving mad.
Hmm by MeatoBurrito · 2012-01-18 16:15 · Score: 5, Funny

Makes me miss astalavista
1. Re:Hmm by XeroSine · 2012-01-18 16:25 · Score: 1
  
  Man that place was amazing, such a great search engine. I stayed with altavista and astalavista all the way through college, at least up till Google came around and ruined it all....or was that made it better?
2. Re:Hmm by vikingpower · 2012-01-18 17:52 · Score: 1
  
  or was that made it better?
  That thing WAS good. Way back in the 90s, you could actually ask an english natural-language question at Altavista, and have a serious chance at getting a response that made sense. Now try THAT at Slashdot in 2012 !
  
  --
  Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
3. Re:Hmm by Ash-Fox · 2012-01-18 19:48 · Score: 1, Informative
  
  Way back in the 90s, you could actually ask an english natural-language question at Altavista, and have a serious chance at getting a response that made sense
  I just asked Google, "What is my IP address?" and it answered "Your public IP address is..." with my IP address.
  Did I win a cookie?
  
  --
  Change is certain; progress is not obligatory.
4. Re:Hmm by dotancohen · 2012-01-18 20:57 · Score: 3, Informative
  
  Makes me miss astalavista
  Still there!
  http://astalavista.box.sk/
  
  --
  It is dangerous to be right when the government is wrong.
5. Re:Hmm by Anonymous Coward · 2012-01-19 00:22 · Score: 1
  
  Parent said *ASTAlavista* - it was a "hacking" search engine
6. Re:Hmm by mcgrew · 2012-01-19 05:11 · Score: 1
  
  I ask natural language questions at slashdot all the time, and almost always get good answers... from real humans. Which was how AltaVista worked. They didn't use web crawlers, they had humans picking sites. I had a hell of a time getting my site listed with them, although I finally did.
  Infoseek was far better, but still not a Google.
  
  --
  Free Martian Whores!
7. Re:Hmm by Tyrannosaur · 2012-01-19 07:13 · Score: 1
  
  Yes. A tracking cookie.
Re:Honeypot Detected by K.+S.+Kyosuke · 2012-01-18 17:13 · Score: 3, Funny

The last Google of stolen credit cards was run by the FBI.
Can't trust anybody any more. That's the last time I ever give my credit card number to an FBI agent.
You silly. You always have to give an FBI agent someone else's credit card number, that's obvious.

--
Ezekiel 23:20
Othernets are a good idea now by symbolset · 2012-01-18 17:50 · Score: 2

It doesn't look like these guys plan to give up. Eventually the furor will die down and these bastards will get their way. We can't shut down the Internet to protest every day. The idea is to have a tech solution ready before then. IPV6 should help. We have about 3 months to engineer a resilient, fault-tolerant congress-proof Othernet. Hopefully the Right People are all over this, and a solution will come in time to save us from the CNN'ification of the interwebs. I'm really not looking forward to getting my Internet through a VPN to Vanuatu. The ping times totally suck.

--
Help stamp out iliturcy.
See who's searching for YOUR credit card number by Anonymous Coward · 2012-01-18 18:00 · Score: 4, Funny

More importantly, now there's one place where you can enter your credit card number and see who all has been stealing it.
Here's what I'm getting from this article... by brennanw · 2012-01-18 18:44 · Score: 4, Funny

... indentity theives have to create private accounts in cyber crime stores. o_O
When they're buying their batch of stolen credit card numbers, probably with another stolen credit card number, does the store then steal the stolen credit card number and start using it themselves? Which they might then add to the next batch of stolen credit card numbers... which the identity thief might then buy back the next time he buys a new batch of stolen credit card numbers...
... it's the cycle of crime!

--
Eviscerati.Org: All Hail the Eviscerati
1. Re:Here's what I'm getting from this article... by sourcerror · 2012-01-18 22:43 · Score: 1
  
  Yo dawg, I herd you liek stolen cred cards!
baby by alienzed · 2012-01-18 20:18 · Score: 1

i shall return

--
Never say never. Ah!! I did it again!
Just like Google? by CheerfulMacFanboy · 2012-01-18 20:47 · Score: 3, Funny

So they will collect all kind of info about you and sell it to their real customers.

--
Fandroids hate facts.
Fuck natural language searches by Anonymous Coward · 2012-01-18 21:26 · Score: 1

As someone who has been using the internet since before thw www existed (and used Google as early as its second prototype in 1998 and ever since), as well as many other search engines before Google was created (Lycos, Hotbot, Altavista and many, many others) I can say definitively that Google is the success that is today BECAUSE Altavista (note: the op said astalavista, which I think was a search engine aggregator) sucked so badly. In the late 90's, you could only count on an index update on Altavista every 6 fucking months or so! Abd Altavisra was the best of a bad group.
Altavista had some good search options, like stemwords and wildcards and the "near" operator, but its database was a dead pile of shit. It wasn't even steaming. Alravista was good idea in its earlt days, but Digital Equipment (who ownes it at the time) starved it for capital. They were on their downward slide with their hideously overpriced and unbderperfroming Vaxes and uVaxes anyway and they were starved for cash becuae they were arrogant and turbed their noses the internet. hey were pushing big iron and Vaxnet, baby, and they were goiing to tell the world where to go.
Sorry, but fuck natural language searches - thet're for the technically incomperant. If you can't formulate successful Google searches without the anthropomorphizing the seaech, the problem is with YOU, not Google.
Need me some stolen credit cards. by Nyder · 2012-01-18 22:32 · Score: 1

Now let me pay for it with this credit card number. It's real, really. I wouldn't rip you off, sir!

--
Be seeing you...
Is this another Kimble scam? by Anonymous Coward · 2012-01-19 01:06 · Score: 1

Kim Schmitz, aka "Kimble," the snake-oil "hacker" has a thing for the word "mega." He had a custom-built "Megacar," is rumoured to be the one behind "Megaupload.com." And now we have another one, "megasearch."
Attrition.org has a nice dossier on this phoney baloney hacker. Why people keep falling for his scams is beyond me.
1. Re:Is this another Kimble scam? by 3.5+stripes · 2012-01-19 02:37 · Score: 1
  
  Swizz Beats is the Megauploads CEO..
  
  --
  
  He tried to kill me with a forklift!
Re:Honeypot Detected by Kadagan+AU · 2012-01-19 02:37 · Score: 3, Funny

The last Google of stolen credit cards was run by the FBI.
Can't trust anybody any more. That's the last time I ever give my credit card number to an FBI agent.
You silly. You always have to give an FBI agent someone else's credit card number, that's obvious.
I know of a search engine where you can find one to use!

--
This space for rent, inquire within.
Re:bonch is a shill sockpuppet Re:"Underweb" by Toonol · 2012-01-19 03:39 · Score: 1

He's certainly a problem poster, and is doing a pretty respectable job of completely ruining slashdot; but I'm not getting the pro-microsoft angle from him. He's more of an Apple nutjob. Irrationally anti-google, true, and obviously does use multiple accounts.

I hope the slashdot editors are noticing how they're being gamed by this guy. It's costing them readers. If bonch and similar problems aren't fixed, I'm probably going to stop visiting here.
Re:bonch is a shill sockpuppet Re:"Underweb" by tehcyder · 2012-01-19 04:33 · Score: 1

Amusingly though, as you seem to be posting this every time bonch posts anything, you now look like a troll bot yourself.

--
To have a right to do a thing is not at all the same as to be right in doing it
Re:bonch is a shill sockpuppet Re:"Underweb" by ForgedArtificer · 2012-01-25 17:53 · Score: 1

Don't let the door hit you.
Pretty much nobody on the internet cares if you threaten to stop reading their site. Slashdot is no different.

--
The right to offend is central to the right to free speech.