It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for their shops that run incessantly on various cybercrime forums.
Loyal readers will recall the stolen credit card shop “Rescator” — which was the main source of cards stolen in the Target, Home Depot and Sally Beauty breaches (among others) — was tied to a Ukrainian man who authored a nationalistic, pro-Russian blog which railed against the United States and called for the collapse of the American economy.
In deconstructing the 2014 breach at Sally Beauty, I interviewed a former Sally Beauty corporate network administrator who said the customer credit cards being stolen with the help of card-stealing malware installed on Sally Beauty point-of-sale devices that phoned home to a domain called “anti-us-proxy-war[dot]com.” Trump’s Dumps currently advertises more than 133,000 stolen credit and debit card dumps for sale.
The prices range from just under worth of Bitcoin to more than in Bitcoin, depending on which bank issued the card, the cardholder’s geographic location, and whether the cards are tied to premium, prepaid, business or executive accounts.
Trump’s Dumps is currently hosted on a Russian server that caters to a handful of other high-profile carding shops, including the long-running “Fe-shop” and “Monopoly” dumps stores. Secret Service, which has the dual role of protecting the President and busting up counterfeiters (including credit card theft rings), declined to comment for this story.
Sites like Trump’s Dumps can be taken offline — by forcing a domain name registrar to revoke the domain — but the people responsible for running this shop have already registered a slew of similar domains and no doubt have fresh bulletproof hosting standing by in case their primary domain is somehow seized. For now, I’m disinclined to believe much about a dox supposedly listing the Trump’s Dumps administrator’s various contacts that was released by one of his competitors in the cybercrime underground.