Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The parabola of a prolific cyber-criminal known as Dton

Check Point researchers detailed the activity of a prolific cyber-criminal known as ‘Dton’ that earned at least $100,000 US from his operations. Over the past few months, experts at Check Point have monitored the activity of a prolific cyber-criminal known as ‘Dton’. The man is active at least since 2013 and already earned at least […]

credit card shop dton

Check Point researchers detailed the activity of a prolific cyber-criminal known as ‘Dton’ that earned at least $100,000 US from his operations.

Over the past few months, experts at Check Point have monitored the activity of a prolific cyber-criminal known as ‘Dton’. The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount.

The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

“Bill / started out by speculating a little:  he spent around $13,000 buying the details of 1000 credit cards from a special online marketplace specializing in stolen payment card credentials.” reads the report published by Check Point. “With each stolen card – costing around $4 to $16 each – Bill usually tried to charge about 200,000 Nigerian Naira (NAN), equivalent to around $550 US. If the transaction is blocked, he tries another merchant, or another card until one succeeds. From his ‘investment’ in the 1000 stolen cards, Bill has been able to charge at least $100,000.”

Dton’s criminal carrier begun with the purchase of stolen credit card data from Ferrum Shop, then he was able to fraudulently charge them $550 each earning over $100,000.

credit card shop dton

Over the years, Dton also started a new prolific activity buying tools to launch malspam campaigns aimed at distributing custom-built info-stealing malware.

The man used the malware to steal credit card data allowing him to increase the profits.

According to the researchers, Bill is not a lone wolf, he is part of an organization that pays him for his work.

Then Dton’s activity continues to grow, it orchestrated a spam campaign aimed at distributing a custom-RAT disguised as innocuous email attachments.

Bill / Dton is not a coder, he paid an expert named ‘RATs &exploits’ to develop his custom-malware. 

But Bill has no honor code, and compromised the computer of ‘Mr RATs &exploits’ with a RAT, so he could spy on his work. 

“When that wasn’t enough, he also engaged – and then fell out with – another shady character behind a specialized malware packer program, by arguing with him on underground forums over prices and usage.  The result was that when Bill / Dton didn’t get what he wanted, he reported the other party to Interpol.  The cyber-crime economy is certainly a rat-eat-rat world – but all the while and despite these minor setbacks, Bill / Dton carried on earning illicit cash.” continues the report.

Dton’s history demonstrates that it is quite easy, even for relatively unskilled individuals, to enter in the cybercrime arena.

The model of sale known as Cybercrime-as-a-Service, makes it easy to arrange criminal activities such as massive malspam campaigns.

Unfortunately, there are millions of people online that have no idea about cybercrime activities and for this reason they are easy victims of people like Dton.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Dton, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]