[anti-abuse-wg] VERIFIED[.]IS was - Russian carding... no, Islandic carding... no Belizian carding!

On Wed, 10 Aug 2016 10:41:00 +0530
Suresh Ramasubramanian <ops.lists at gmail.com> wrote:

> “We”?  Unless you actually work for ripe ncc that’s a rather large
> amount of overstatement.
> 

deflecting from the actual issues much? 

 "We" as in us reading this...

I honestly also appreciate contributions by Ronald F. Guilmette, but if
we are going to start reporting crime to this abuse list, we are headed
down a slippery slope...

Better: We stick to abuse, abuse policy discussions and report crimes
to proper authorities. Or are we saying that the various law
enforcement agencies Russian, Icelandic, Belizian are incompetent?

Actually, what are we talking about?

I can stumble onto hate speech, slavery, child porn, identity thieves,
"carders" in the RIPE ip space in the hundreds...

Should we invite and dedicate resources to report all Internet crimes
to this abuse list?

And then?

Will these criminals be prosecuted?

Or are we thinking about forming a sub committee to be in charge of
public hangings? 

Do we have some sort of hearing first or can we just hack some ISP's
range, upload any old site and then hang the company or 'nul-route'
their traffic?

How about us rather being constructive and actually doing something?

Should their be an abuse policy relating to potential criminal
activity, that places a protocol in place for dealing with intel?

or not?

That may actually be a productive abuse discussion...

Instead of filing individual crime reports on this list... - which,
imho, should be first reported to law enforcement (actually - should
only be reported to law enforcement - we have no power, right or no
fair way of evaluating content - only abuse - as in the website attacks
your infrastructure  and/or the website sends you something - and/or
does something abusive. - If someone publishes hate speech, or porn or
whatever - it is NOT abuse... it is potentially - crime - 

Andre

Andre

> 
> On 10/08/16, 10:29 AM, "anti-abuse-wg-bounces at ripe.net on behalf of
> andre at ox.co.za" <anti-abuse-wg-bounces at ripe.net on behalf of
> andre at ox.co.za> wrote:
> 
>     
>     So, you stumbled across some potential criminal activity, then you
>     notified law enforcement and/or Interpol?
>     
>     Or you think that it is a better solution for RIPE to investigate
>     criminal activity and simply to 'nul-route' child pornographers,
>     identity thieves and criminal syndicates?
>     
>     You are saying that you would rather discuss criminal syndicates
> on an anti abuse discussion list?
>     
>     So, we should investigate crimes now and then disable their
> routing or email or what?
>     
>     On Tue, 09 Aug 2016 12:53:34 -0700
>     "Ronald F. Guilmette" <rfg at tristatelogic.com> wrote:
>     
>     > 
>     > I see that there is an interesting and active discussion on
>     > this now. Everyone may be sure that I will be posting further
>     > comments shortly which clarify my personal position on all the
>     > matters discussed so far.
>     > 
>     > In the meantime however, I just realized that I neglected to
>     > clarify how I came to find that VERIFIED[.]IS web site in the
>     > first place.
>     > 
>     > It may not be at all important, but just so everyone knows, I
>     > found that VERIFIED[.]IS indirectly.  First, I stumbled onto
>     > the following web site, which is clearly selling credit cards
>     > *and* also (U.S.) social security numbers (SSNs) and
>     > dates-of-birth (DOBs).  (You can even pick out which U.S. state
>     > you prefer!)  These bits of information are often helpful to
>     > people intent on committing identity theft:
>     > 
>     >    http://www.wellsfargo.lequeshop[.]ru/
>     > 
>     > As you can see, there is an email address on the above page.
>     > It is <mixx at exploit.im>.  I simply googled that email address
>     > and then started to visit the web sites found.
>     > 
>     > One of them was verified[.]is
>     > 
>     > But this criminal carder ... who seems to be Russian... is also
>     > active on many other web sites, presumably selling what he has
>     > to offer in many different forums.
>     > 
>     > 
>     > Regards,
>     > rfg
>     > 
>     
>     
>     
> 
> 
>