Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Investigators find famous DJ's credit card details for sale

Armin Van Buuren appears to be a potential cybercrime victim

Armin Van Buuren is one of the world's most well-known trance music DJs. He also apparently has had his credit card details stolen.

Investigators with Ultrascan, a company that investigates credit card fraud and other kinds of online crime, were doing research on forums and systems used to sell credit card numbers, said Frank Engelsman of Ultrascan.

One analyst was using the ICQ instant messaging system where cybercriminals had set up an automated account to sell credit card numbers. Their ICQ user name was run by a bot, which automatically responds to certain commands.

A potential buyer for stolen credit card details sees a greeting: "Hello welcome to ICQ bot. Press '1' for Russian. Press '2' for English." After pressing "2," users get three selections: "1. Buy CVV, 2. Checker 3. Account," according to a screen shot supplied by Ultrascan.

When CVV is selected, the buyer sees how many credit card details are available, sorted by country. From the screen shot, it was possible to see that some 19,046 U.S. card numbers are for sale, 7,843 from the U.K. and more from other countries such as France, Italy and the Netherlands.

After picking the Netherlands, the bot offered up the truncated details for four cards and the names of those cardholders, one of which was named "Armin Van Buuren."

The Ultrascan researchers immediately recognized Van Buuren's name. They bought his card details, and the bot returned the DJ's full credit card number, the three-digit security code on the back of the card and the name of his bank.

Ultrascan contacted Van Buuren's management agency in the Netherlands. An official at the management agency on Friday confirmed they had been contacted.

It's not known if his credit card details were ever used, but Engelsman said cybercriminals typically do not "double sell" details. The details cost US$6, Engelsman said.UItrascan does not normally buy stolen credit card details but did in that case to prevent Van Buuren's from being used, he said.

From the format of the data, it appears that a database of credit card numbers was hacked, Engelsman said. Credit card companies, retailers and other data processors have taken steps in recent years to shore up the security of their processing systems to prevent such attacks, but data breaches still occur.

Engelsman said Van Buuren's credit card company called Ultrascan on the DJ's instruction, and Ultrascan informed the company of the problem.

Van Buuren's situation is hardly unique. Computer security analysts for years have warned how cybercrime has turned into an underground economy, with hackers stealing credit card numbers and offering them for sale in forums where there are other fraudsters that specialize in abusing financial details.

"Everybody can be a victim," Engelsman said. "It doesn't matter who you are."

Send news tips and comments to jeremy_kirk@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ICQ
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Ultrascan, security, fraud, Credit card fraud, Armin Van Buuren
Latest Blog Posts
Whitepapers
  • Top Ten Considerations when Deploying IT Operations Management in the Cloud
    IT organisations must be able to quickly deliver and securely manage new business and IT services at fraction of the cost. This means that every IT organisation must reconsider how they approach IT operations and business service management. As a result, many IT organisations are looking to the cloud for its promised benefits of reducing total cost of ownership, requiring less technical skill set and very fast time to value.
    Learn more »
  • Realising the benefits of FTP consolidation
    Businesses today are experiencing a growing demand to move high volumes of data both internally and externally. Accordingly, File Transfer Protocol (FTP) servers are proliferating among individual departments and raising traffic levels with customers and suppliers. While vital information is flowing, security threats are also increasing dramatically, some of them malicious in the extreme, and the ad hoc nature of internal expansion means that it has become difficult not only to maintain security but to control necessary cost and quality factors. In response, competitive businesses have identified FTP consolidation as a priority to minimise security risks, reduce costs, and gain better control of their own operations. This white paper explains and explores the opportunity and benefits of FTP consolidation.
    Learn more »
  • Simplifying branch office security
    Securing your business network is more important than ever. Malware, botnets and other malicious programs threaten your network—at your central offices and your branch offices alike. Yet enforcing consistent network security throughout your enterprise can be challenging—especially for those of you with branch offices with few users and no IT expertise. This paper introduces a new standard—an innovative, unified, cost-effective solution for managing branch office security, with centralised reporting and a clear process for determining return on investment (ROI).
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.

HP and IDG news, product videos and resources