A notorious hacker known as “Rescator” is at the center of a major stolen credit card trading ring, a new report reveals.
Between December 2013 and February 2014, a high-profile seller named Rescator sold over 5 million stolen credit cards. That’s a giant figure. Group-IB reports that in the last year the marketplace has only seen 5.5 million new stolen cards listed, meaning that Rescator dominates the site.
But it’s not just the SWIPED card site that Rescator operates on. He also runs his own illegal marketplaces for card data, including rescator.so, rescator.cc, rescator.la, among others.
Being a major player in the stolen credit card industry does make an individual more vulnerable being hacked themselves. Softpedia reports that one of Rescator’s sites was hacked in March, defaced with a message, and a Will Smith music video.
Here’s what the site looked like after it had been hacked:
Rescator is also connected to the 2013 credit card hack that affected up to 70 million Target hackers. His username is found in the source code of Kaptoxa, the malware program that hackers used to to gain access to Target’s point of sale systems and steal the credit card data.
A 2013 investigation by journalist Brian Krebs led him to discover a man living in Ukraine who may be Rescator: Andrey Hodirevski. Krebs traced Rescator’s online post history and websites, using it to develop a picture of the hacker’s life. He found photos of Hodirevski that matched photos of Rescator that had been uploaded to a variety of hacking forums. However, there’s no proof that Hodirevski is Rescator.