A Password Site - Shut The Hell Down!
 

Well, remember this site you guys posted about before?
I signed up just to see what was going on with it.... I found out
everything they were up to and got some local law enforcement
involved. They had passwords, stolen credit cards and more....

Here is the email they sent to their member base....

From: [email protected]
Subject: PASSNETVIPFORUM INFO
Date: June 3, 2005 8:27:09 PM PDT
To: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], and 32 more...

OUR SITE GOT DOWN BECAUSE ALL OUR DATABSSE WILL BE ANALIZED BEFORE GETTING ONLINE AGAIN, THE ADMIN ARE SCANNING ALL THE FORUM TO CHECK IF THERE IS NOT ANY ILLEGAL ACTIVITY SORRY FOR THE INCONVENIENCE
THANKS

__________________________________________________ _______________
T1msn Hotmail Plus. Más espacio, más funcional http://join.msn.com/?page=features/e...w.t1msn.com.mx

Nice work Chris!!! I'm sure we can all appreciate your leg work...

:1orglaugh :1orglaugh :1orglaugh

Eh, looks like you scared them straight but there is nothing law enforcement can do to the owners unless they were posting hacks or credit cards themselves.

if law enforcement got involved... i doubt they would have had a chance to email their members.. it would have been seized in a warrant

Law enforcement can't stop them from running a forum. The members are responsible for their own shit they post. Otherwise aol, yahoo, and all other big sites would be shut down already.

their in another country & probably don't care no doubt

fuckn russians

no speaka the engrish :/
yeah, that site's probably up again somewhere else...

wrong..the data is on your server...say people post credit card #'s on your server... you better bet your ass you could get in trouble for that

What kind of Mini Van?

If the admins opened the website for hacking/cracking and actively promoted the activity, then yes, they can be charged with conspiracy to commit what ever crimes the posters will be charged with.

BTW... The FBI has a very well funded cyber crimes division with some very talented people and local offices all over the US.

"OUR DATABSSE WILL BE ANALIZED"

that sounds brutal :1orglaugh

this may be correct but i recall someone saying there was a court case about this.... i searched a bit but can't find a link (if it exists). anyone else?



..

:1orglaugh :1orglaugh :1orglaugh

I offered myself as a witness. The owners of that site contact me on AIM and in email saying "I have uploaded new credit cards, thank you for your patronage".

LOL!!

I am a paying member of that site... a seed if you will. :-)
So they are in trouble now big time... I set them up. LOL

Cancelled my credit card and got a new number shortly after signing up by the way.

good job bro!

I was just notified that there were about 113 credit card transactions that hit my cancelled credit card number just after I signed up there. THOSE IDIOTS were RAPING their own member base...... Thank god I cancelled the number cuz I b smart.
:-)

That is even more evidence since they were the ONLY ones who had that card number.

suckssss

What a bunch of losers

UPDATE.....


I just got an email from the owner of that site who was emailing all the members...
I bet he had a local copy of the database on his computer....

He is in even more trouble now....


From: [email protected]
Subject: VIP INFO
Date: June 5, 2005 9:03:52 AM PDT

(BEFORE I WRITTE SORRY FOR MY ENGLISH BUT I SPEAK SPANISH)
WHAT HAPPENED TO THE FORUM?
WELL ON JUNE 2 SOME MEMBER OF THE BOARD, ADDED CHILD PORN TO OUR FORUM MANY MANY ABOUT THIS ILLEGLA STUFF AND THE SAME DAY HE REPORT US TO THE ADMIN OF THE SERVER THEN OUR SITE GOT CLOSED BY THIS BUT I WILL OPEN THE SAME FORUM WITH ANOTHER HOST AND ALSO I WILL OPEN ANOTHER FORUM
MAYBE WILL BE TWO
THIS OPENING FORUMS WILL BE NEXT WEEK SO TELL TO YOUR FRIENDS
I ILL CONTINUE EMAILING YOU!!!
THANKS!!!!

__________________________________________________ _______________
MSN Premium. Protégete, Comunícate y Diviértete http://join.msn.com/?pgmarket=es-mx&....t1msn.com.mx/



He wont be going up so long as I am in his member database. :-)
Also the CP he refers to was posted by the sites co-owner, not a member. lol

hahah owned

Hey, just got another email..... and thier new host is already on it! lol


From: [email protected]
Subject: WE ARE BACK
Date: June 5, 2005 4:31:04 PM PDT

CHEC THE FORUM AND I THINK IT WILL BE DOWN AGAIN FOR OTHER REASONS SO I AM CREATING A NEW OTHER FORUM I ILL TELL YOU WHICH ONE
BUT I ILL DO MY BEST TO GET THE BOARD ON VERY WELL ANY WAY I AM WORKING HARD FOR ALL THE MEMBERS
SORRY
AND THANKS FOR BE INTERESTED

__________________________________________________ _______________
T1msn Fotos: Todo lo que quieres saber sobre fotografía digital http://search.t1msn.com.mx/

Good work :thumbsup

:thumbsup :thumbsup :thumbsup

wow good job!

http://passnetvipforum.com/forum/index.php

Dont seem to be down.

Well done dude!

it will be up again on another provider. in a week or 2, happpens with every password forum.

I just got off the phone with their new host.... they are going to shut them down as well. :-)

:1orglaugh :thumbsup

I got them on the run!

Special thanks to EpicCash for allowing us to track the attacks from these jerks.
Their team has been VERY involved in helping me gather forensics...
I hope I didnt spell that wrong. :-)

So today, ME, being a member of their board and all, received the following email
after I got them shut down once again. I must admit, they are trying hard to keep
their customers happy... Even emailing them passwords now. I hope this trend stops.

I will continue to shut them down everywhere they go. Im on a mission.

(PASSWORDS HAVE BEEN CHANGED BY ME TO PROTECT THE RESPECTIVE SITES
as THEY STILL WORK.)

And the email reads....

From: [email protected]
Subject: SORRY FOR THE BOARD OFFLINE BUT HERE YOU HAVE
Date: June 12, 2005 5:47:31 AM PDT

http://knigfht117:[email protected]/
http://polflock1:[email protected]/indexNF.html


http://www.blacksweeties.com/login/login.cgi

olympic:74337747
mebert:mayn3or
monauni:grmspsi
rickroyal:majaor2
minceyt:1a2aab3c
parothd:yang3kees
okg8mon:8888dgf8888
mickyd:greedd44
rallek:qaywsdw3x
natsass:natsfefget
pdiogo:placeghybo1
moverfe:stacethyj

http://jade122:[email protected]/index.html (65.64.31.217:8000)
http://jmoser:[email protected]/index.html (219.22.166.32:8080)
http://gvrgd900:[email protected]/index.html (host-148-244-150-58.block.alestra.net.mx:80)
http://forced:[email protected]/index.html (213.13.117.245:80)
http://guitar:[email protected]/index.html (217.125.102.198:80)
http://gigrl78:[email protected]/index.html (67.39.161.11:8080)
http://gf1gt050:[email protected]/index.html (210.226.122.242:2301)
http://hollyfb:[email protected]/index.html (220.132.154.177:80)
http://telrly5:[email protected]/index.html (67.102.57.230:444)

http://www.oldfartfuckin.com/members/

desr03:narsctar
Nobody:zufgang
ripsy69:12345f36

http://gollum:[email protected]_Home.html
http://1rixware:[email protected]_Home.html
http://patri33ck:[email protected]_Home.html
http://grbgr35b:[email protected]_Home.html

__________________________________________________ _______________
T1msn Hotmail Plus. Más espacio, más funcional http://join.msn.com/?page=features/e...w.t1msn.com.mx

bump
bump

good work bro :thumbsup

Update... received this email again today after getting them shut down once again....


Return-Path: <[email protected]>
Received: from hotmail.com (bay17-f28.bay17.hotmail.com [64.4.43.78])
by mx01.splitinfinity.net (8.12.10/8.12.10) with ESMTP id j5GIQEkD018702
for <[email protected]>; Thu, 16 Jun 2005 11:26:14 -0700
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Thu, 16 Jun 2005 11:49:14 -0700
Message-ID: <[email protected]>
Received: from 200.64.86.78 by by17fd.bay17.hotmail.msn.com with HTTP;
Thu, 16 Jun 2005 18:49:13 GMT
X-Originating-IP: [200.64.86.78]
X-Originating-Email: [[email protected]]
X-Sender: [email protected]
From: "NETSPLOITER NETSPLOITER" <[email protected]>
Bcc:
Subject: PASSNETVIPFORUM WILL BE ONLINE AGAIN TODAY!!!
Date: Thu, 16 Jun 2005 18:49:13 +0000
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
X-OriginalArrivalTime: 16 Jun 2005 18:49:14.0117 (UTC) FILETIME=[174ECB50:01C572A4]



ENJOY WE WILL BE BACK TODAY

SORRY

__________________________________________________ _______________
T1msn Search. Todo lo que buscas ahora más rapido
http://search.t1msn.com.mx/

New Info
 

Hello ---- I found your site by doing a Google search using this guy's email address. He has been hacking into my board for fun for the last 2 weeks. We have nothing for him to steal -- we are a figure skating board -- no adult content at all.

I reported him to the FBI, cert.org, us-cert.gov, his host (who in turn filed a report with the Mexican authorities), PayPal (he tried to extort money from me using his PayPal account), and Yahoo (this is the email address he was using [email protected]). I also reported him to a couple of ISP's based on IP's that he was using, but I quickly realized that he was using a Proxy (countries ranged from Brazil to Uruguay to Mexico). I think his phone number is +52.5527280574 -- this was identical on old and new DNS records, though the address in Mexico changed. I'm pretty sure his first name is Rodrigo, but his middle and last names are fuzzy (they were different on the two DNS records I saw). We were able to get his host to shut him down today, but it appears he has already found alternate hosting (netwunders.com).

I emailed the new hosting company's CEO and in addition to all the information I had, I emailed him a copy of this thread.

Since you all have more experience in this than me, is there anything else I should do? Anyone want to call him? Or sign him up for Christian news groups? Just kidding ---- Seriously though, any other suggestions would be greatly appreciated.

Owned. Mother fuckers.

Actually, I just realized I might have contacted the wrong new host. Someone help me figure out who it is?

I think you did about the best you can the legal way. Good job.. :thumbsup now people can keep an eye out for him..

whats the site ?

this is a hoot! gj man :winkwink:

the site is www.passnetvipforum.com

1 down, 500,000,000 to go....

There are no actually that many password sites in the net.

And actually they exist mostly because many paysite owners do not care about their passwords being shared.

good work bro, hopefully they get shut down

A for effort..good work..one less to think about

I'm not a bro ;) bugs me that the hacker keeps calling me that...

Well he shut down my site again --- it now forwards to http://www.magicpassforum.com/forums/index.php.

Here is his old site www.passnetvipforum.com -- he put up a message about being investigated by the authorities.

:-)


Email me and I will give you their info: [email protected]

I have been fucking with that hacker for a long time and I have his home address now and etc....
:-)

Wisconsin of all places!@

Wrong... AOL, MSN, Yahoo and Google have expressed that it is not acceptable to password trade, etc, etc in their TOS.

Password trading forums have no TOS and the mods and admins also engage in posting the passwords... This means they indeed can be shut down and held liable...

In addition, the forums name, headers and other materials/sections created by the admins contained wording that suggests the boards sole purpose is for password trading.

This is right about the time a Woj script used to come into effect...