This ‘Yelp for Cybercrime’ Wants to Help Hackers Avoid Getting Scammed
There’s now a website where cybercriminals can name and shame other cybercriminals who have swindled them.
Image: Minerva Studio/Shutterstock
Just like in the real world, there's no honor among cyber thieves.
The internet's underground is filled with cybercriminals selling and exchanging your old MySpace or LinkedIn passwords, or your credit card number, for a few bucks. But for every hacker peddling valuable new stolen databases or credit cards there's one trying to sell recycled or just plain made up data.
Now, a new website wants to name and shame the cybercriminals who try to scam their own competitors and industry colleagues. It's sort of a Yelp for criminal hackers, where anyone can post bad reviews of "rippers," the hacker's lingo for someone who has a history of defrauding people, in the hopes of warning others not to fall for their shakedowns.
"This Lier [sic], is a shame for our community," writes a reviewer in a post titled "a seller of loads fucked me 240$," which includes a chat log as proof. "This bastard took 250 $ from me without sending the loads (he sent 40 instead of 500), after i complain he deleted the task and dont reply !!"
The website, Ripper.cc, appears to have been launched in the summer of 2016 via a post on a hacking forum called Exploit.in. Digital Shadows, a security firm that scours the dark web and hacking forums, wrote about the website in a blog post on Tuesday.
So far, the site contains more than 1200 profiles of rippers, including Tessa88, a hacker who became notorious last year for offering several large hacked databases, including those of MySpace and LinkedIn, and who was accused of being a scammer months later.
Ripper's creators not only have made a clean-looking platform for shaming cybercriminals, but are offering Chrome and Firefox extensions that highlight accused rippers on forums and websites, as well as a chat plugin that will alert whoever uses it if they come across a scammer while talking on Jabber, a popular protocol for chat.
As Digital Shadows noted, Ripper isn't a completely novel idea.
Plenty of hacking forums have their own blacklists of fraudsters, and there has been a Russian equivalent, called Kidala, for years. But Ripper is mostly in English, and its main novelty is that its creators are trying to be transparent by putting the source code of their plugins on Github, and claiming they won't allow accused rippers to get off the list just by paying a fee, as is possible on Kidala, according to Digital Shadows.
"This bastard took 250 $ from me"
"They're definitely trying to do something different [...] They're trying to be as legit as you can be in this particular market," Rick Holland, vice president of strategy at Digital Shadows, told Motherboard in a phone call. "However, because of what this is, it's always suspect."
In other words, this site could be itself a scam. What's stopping anyone from uploading fake reviews in an attempt to discredit a competitor? If there are people making fake Yelp or Amazon reviews, there will be fake Ripper reviews as well, Holland argued.
After Motherboard published this story, someone identifying themselves as "ad0," one of the founders of the website, reached out via encrypted chat.
Ad0, which is the same nickname used by the person who announced Ripper.cc last summer, said the website isn't just for cybercriminals.
"We not for crime informer [sic]. We want work with all internet," ad0 told Motherboard."
The hacker added that there are scammers outside of the hacking world as well, and they want to expose those individuals as well. Ad0 also claimed that no submission goes unchecked by the administrators, who act as arbiters who check that the accusations are authentic.
Several hackers consulted by Motherboard doubted that Ripper's could make a real difference.
"In my experience people don't usually scam twice," a hacker who asked not to be named told Motherboard in a chat. "You should really only deal with people you know and have had conversations with. But there is a sucker born every day I suppose lol."
The hacker also said he wouldn't use the plugins because they'd be paranoid they could hide malicious code, and also because "word gets around pretty quick who to do and who to not do business with."
Yet, as BestBuy, a well-known hacker selling stolen data and botnets to attack websites, told Motherboard, "it would be nice to know of scammers."
This story has been updated to include comments from Ripper.cc's admin ad0.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.