Push in the right direction

Фантом1154

Hey i am new to this forum i was wondering if you guys would be so kind to help me. i recently have seen not much progress with this path to knowledge i am throwing a shot in the dark. as of late i have been trying to acquire knowledge on stealers and how to put the info from logs to use. I soon realized that running my own is the smartest way, or at least i hope it is. i first installed qubes os a few months ago and linux only a few before that. I would truly appreciate any knowledge on how to use them or even if qubes is best for this or if cookies from stealer logs are still fine to use or where to acquire them. any help would be truly appreciated so much as i have had a serious matter arise that requires me to make money asap



also if anyone can help me with a few of these questions i would appreciate it:



- is qubes dvm suitable to pass antifraud if you inject cookies and if so how would you be able to spoof their fingerprint other than foxyproxy and cookie injector

- is learning how to use my own stealer even worth it or is it just more work

- is using a llm in a separate qube a good idea to help me learn and which one

- would another vm program with windows on that be more suitable or would a dedicated device be more helpful



thank you for your time to read this novel
 
if you are to use the user data, i recommend you use windows as it is most likely the os they use.

qubes has nothing to do with anti fraud. it is a privacy based distro. for success you need residential ip with low fraud score in same area of the user data. browser fingerprint should appear as normal user. the goal is to appear as close to the original user as possible when using their account. the best disguise is to appear like everyone else, not to be hidden from sight. antifraud is looking for the not normal behaviors, especially like ips coming from tor or a user agent it has never seen before on the account.

good malware is as close to be undetected during runtime and during download. not because of how many features it has. it is how well it is crypted, how well it is obfuscated and its instructional path and true intentions hidden. running your own stealer is worth it if you are able to bring traffic to it, yes. this is a whole different game.

you will learn more from trying and failing than you will learn from llm. for example, if you are using dumps, learn how track data is read, how the chip works, tips and tricks for success. how to handle things when it fails and avoid it, how to handle when there is success and how to replicate it. llm might help with info of how things work, but trying it yourself over and over will be the only way you learn tricks. failure leads to finding tricks too. i pass fraud protection once because i enter short name on card and support contact me to fix, push order through and it bypass fraud department. this mistake taught me a valuable lesson that llm would never teach for example.

setup clean windows, do not log into real accounts and keep it separate. you do not want same malicious proxy ip showing up for your real accounts too during the time of using it. appear like normal user, browse, add to cart, remove, warm up, login with emails that are not from large companies like gmail, etc.

you say you need money asap, so do many many people. if it was simple and resulted in overnight success, no one would be robbing banks and doing dumb things for money. this is a skill you learn over time, it is worth the result but expect to invest more than you profit in the start of things. maybe combine multiple directions, such as pursue drainers which lead to malware if you are already bringing traffic instead of only pushing malware.
 
thank you brother you're truly a great help i understand it is a long path to learn. i was wondering is it better to have a dedicated windows laptop for the fraud or is it better to load linux on it and use a vm program to have windows on it or do i continue to use this device with qubes where i can create disposable vms which i could learn to match user agent and ip to the victim. or is a RDP more useful.

would there be useful threads on this forum or other sites you would recommend for me to get this malware or drainers
 
happy to help. i can only say what i use. depending where you live, opsec might be needed. if you are in countries where there is no risk of arrest for committing the fraud, then a windows vm is good enough.

if you have legitimate worries that your actions could result in arrest, get yourself a usb, install a bootable linux with LUKS on it. boot into it, create a veracrypt folder, create a windows vm and then work from there. but again, this is only meant for opsec and protecting from being caught for fraud, it does not help the actual fraud itself and if your proxy is logging or your ip leaks, no amount of opsec will protect you.

for fraud, it is 90% client side data that is analyzed to check your fingerprint. other than your ip location and if your ip can be detected as a proxy or vpn or data center, etc, the focus should be on appearing like a normal user that isn't using a "fresh install" of a browser for example.
 

You're a massive help brother thank you so much and please if you have any other suggestions on which software is best suited for this task or which would be best to use to run windows e.g. virtualbox and VMware or how to configure best the vm with the fingerprint or any other tips / insights please let me know. This has truly helped me
 
the type of vm does not matter. vmware, virtualbox, they are all the same. personally here is what i do:

vmware gives an option to install a windows OS directly from windows, which is convenient. in older days, i would install a custom stripped down windows vm with everything non essential removed, but the days of max 4gb ram are gone. it is also easy to quickly torrent the paid version of vmware.

i am assuming you are already booting your OS directly from usb, not your hard drive, and that you already have a veracrypt encrypted partition mounted to create the vm in.

connect to a non-logging vpn when downloading windows, you can easily tell which does not share data by looking up previous warrants against the vpn from your country to give up user data for a terrorist that used it or something. you can also use qubes for this and rely on tor instead of a vpn.

once the windows vm has been installed, you can google for the activator .bat files on github to activate your windows. this doesn't really make a difference but i prefer it since some non-activated windows settings are locked.

you will have to connect your windows machine with a microsoft @live.com account during this process so make one while using vpn/tor on your usb-booted linux usb. if you activate your windows later, you can remove the account from windows after it starts up.

i spend another day or so downloading browser extensions that normal people would use so that it changes my browser fingerprint, as a fresh install has very obvious fingerprints. do not log into any account you use in your real machine, keep real life identity and online separate. from here it is all about small and big tricks you develop yourself or learned, but you have a vm now. i would highly recommend you look at what an antidetect browser does and try to implement the same so it appears like it is not in a vm, etc. in today's world, you cannot simply install a few extensions and bypass it anymore. many of these anti detects are recompiled browsers that spoof your modified fingerprint at the lowest level.

configure your box to your liking, such as automated proxy on startup, kill network if proxy dies, turning off webcam, gps, etc, preparing scripts to automatically change things, testing and improving fingerprints, etc. when you are happy with it, create a snapshot and revert to it after doing what you plan on.

it is not about being sophisticated, that is for hiding long term against police and constant monitoring. for this, there is a lot more that needs to be done and learned, and this tutorial is not meant for that. opsec is still very important but you don't need a castle to defend against a single soldier unless that soldier has an army that will be interested in you after seeing what you are doing. for typical fraud related things that are quick hit and run, you have a nice little sandbox now where you can blend in like the normal user doing normal purchases and online activities.

but truthfully, a vm will not help you if you do not expand from here, such as your ip is a known vpn or proxy, not residential like the person you are trying to pretend to be, too far from the location of where it should be like a cardholders billing address, or the billing info is wrong, or you are not prepared for them to call to verify an order, fingerprint is incorrect like small ram for a macbook, etc etc. that is where the real magic happens. this only gives you the environment to begin on. the vm is only 5% of what is important and might not even be needed if you are not in a country where you can be touched.
 
is there any software in particular you use to cloak your vms so they're not detected. also i was wondering if i should just use kali instead with a luks usb and if so what tools on there would be worth a look. i know you can run kali as a vm on qubes so it makes sense to just go with that route plus can't run a local hosted llm vm through a usb and also disposable vms. it seems like the best solution is to run a windows vm on qubes and to set specific parameters that would be the same as the victim i.e. same ip, mac address, same session cookies. Is there any stealer malware you recommend and also is there any ai you recommend to locally host and do you think qubes itself is best to host the vm or should i use vmware

sorry for the barrage of questions i am just eager to learn
 
using kali here is useless. kali is just a custom distro with preinstalled tools. luks is a type of encryption standard, it has nothing to do with the distro.

hiding your vm is only for opsec, it will not increase your success rate when committing fraud or something. it is only meant for keeping you safe if police arrive.

if you are trying to focus on opsec, there is a lot more that is needed to be done than just securing your vm. if you are in CIS countries, you don't need to do this as long as you do not attack CIS countries. for only vm opsec, here is my setup:

usb -> bootable live linux -> encrypted veracrypt partition with vm inside -> windows vm.

i have a raspberry pi that i use as a tor router for my network, so all machines on it are routed through onion network at all times. windows vm will use a residential proxy. after running a campaign, i revert the windows vm to a clean snapshot i have saved. for wifi, i use someone else's wifi, i usually rotate around between a few in my area. i keep all accounts and online persona on the vms separate from my real life accounts.

this is only a tiny fraction of opsec, it will not improve your success in fraud, it will only improve your chances of not being caught, which does not matter if you live in CIS countries and attack americas/uk/europe.
 
Thank you for the tips. what advice would you suggest for better success in fraud would really appreciate it
 
really depends what type of fraud. it boils down to ip trust score, fingerprint, ip location, ip isp, if residential and not caught as data center, proxy/vpn, etc, appearing like the user that is most likely using the service and/or account, adding additional measures like trustable emails, having voip access for verification if needed, etc. many small tips and tricks for different types.
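
The signals named in the reply above (IP type, fingerprint, IP location, a user agent not seen before on the account), seen from the defending service's side: an added example, not part of the thread, that scores each authenticated request against the account's history and flags a session cookie presented from a device it was not issued to. The field names, IP-type labels, weights and sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from math import asin, cos, radians, sin, sqrt
from typing import Optional

# Assumed labels from an IP-reputation feed; the feed itself is out of scope here.
ANONYMIZING = {"tor", "vpn", "proxy", "datacenter"}


@dataclass(frozen=True)
class Event:
    session_id: str
    ip_type: str       # "residential" or one of ANONYMIZING
    lat: float
    lon: float
    user_agent: str
    fp_hash: str       # hash of client-side fingerprint attributes


@dataclass
class History:
    """What the service has already seen on one account."""
    user_agents: set = field(default_factory=set)
    fingerprints: set = field(default_factory=set)
    sessions: dict = field(default_factory=dict)   # session_id -> fp_hash at login
    last_loc: Optional[tuple] = None


def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))


def score(ev, hist, far_km=500):
    """Return (risk, reasons) for one request; weights are illustrative, not tuned."""
    bound = hist.sessions.get(ev.session_id)
    checks = [
        (ev.ip_type in ANONYMIZING, 40, f"anonymizing_ip:{ev.ip_type}"),
        (bool(hist.user_agents) and ev.user_agent not in hist.user_agents, 20, "new_user_agent"),
        (bool(hist.fingerprints) and ev.fp_hash not in hist.fingerprints, 20, "new_fingerprint"),
        # A session cookie presented by a device other than the one it was issued to.
        (bound is not None and bound != ev.fp_hash, 50, "session_cookie_on_new_device"),
        (hist.last_loc is not None
         and km_between(hist.last_loc, (ev.lat, ev.lon)) > far_km, 20, "far_from_last_location"),
    ]
    hits = [(w, r) for cond, w, r in checks if cond]
    return sum(w for w, _ in hits), [r for _, r in hits]


def observe(ev, hist):
    """Record a request that was accepted as legitimate."""
    hist.user_agents.add(ev.user_agent)
    hist.fingerprints.add(ev.fp_hash)
    hist.sessions.setdefault(ev.session_id, ev.fp_hash)
    hist.last_loc = (ev.lat, ev.lon)


def demo():
    # Constructed sample events: no real accounts, addresses or fingerprints.
    hist = History()
    observe(Event("s1", "residential", 52.52, 13.40, "UA-desktop-A", "fp-aaa"), hist)
    same_device = Event("s1", "residential", 52.50, 13.45, "UA-desktop-A", "fp-aaa")
    replayed = Event("s1", "datacenter", 40.71, -74.00, "UA-desktop-B", "fp-bbb")
    return score(same_device, hist), score(replayed, hist)


if __name__ == "__main__":
    for risk, reasons in demo():
        print(risk, reasons)
```

A service would typically force re-authentication or step-up verification above a chosen risk threshold and invalidate the session outright on `session_cookie_on_new_device`.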
 
Thank you for the tips brother what service or websites do you use i.e like your proxy service
 

