Calling all DFWMs (Cyber) Sleuths - help me please

  • Calling all DFWMs (Cyber) Sleuths - help me please

    My company got hit for over $124K in losses yesterday. The losses originated from the following 2 IP addresses. Can anyone help me in finding any info on these, such as locations, names, addresses, phone numbers... anything might help.

    24.45.190.147
    74.90.84.48



    TIA

    David
    GIFSoup

  • #2
    You need to be talking to the FBI, not DFWM. Also, good luck. Running a tracert yields they are using an airport wifi.


    • #3
      They originate from New York, and what Ratt said. You're not gonna get much info from a whois either.


      • #4
        1.) has the loss been reported to the proper authorities...i.e. SEC, FBI, FTC, etc.

        2.) does your company not have any type of IT people that can do this sort of thing?

        3.) where are the boobie pics?

        • #5
          Originally posted by roliath
          They originate from New York, and what Ratt said. You're not gonna get much info from a whois either.
          More specifically, JFK Airport. However, that doesn't mean they're not just routing the traffic through the JFK Airport. Airport Wifi is notoriously open, and it's also being routed through DCA Airport.


          • #6
            Originally posted by Ratt
            More specifically, JFK Airport. However, that doesn't mean they're not just routing the traffic through the JFK Airport. Airport Wifi is notoriously open, and it's also being routed through DCA Airport.
            true dat


            • #7
              Originally posted by mirefire 2.0
              My company got hit for over $124K in losses yesterday. The losses originated from the following 2 IP addresses. Can anyone help me in finding any info on these, such as locations, names, addresses, phone numbers... anything might help.

              24.45.190.147
              74.90.84.48



              TIA

              David
              Email the abuse contacts for CableVision, include logs that show proof of hacking, but don't give away any of your proprietary information. As the others said, open a case with the FBI, up to a certain dollar amount, they will care and do some investigation.



              Both IPs belong to the same cable provider (ISP)

              Name OOL Hostmaster
              Handle OOLAB-ARIN
              Company Optimum Online (Cablevision Systems)
              Street 111 new south RD
              City Hicksville
              State/Province NY
              Postal Code 11801
              Country US
              Registration Date 2002-09-30
              Last Updated 2011-04-15
              Comments Please send your abuse report to abuse@cv.net.
              Spam complaints must include the full header and content of the
              email. Email virus complaints must include the full header and
              the type of virus. Hacking complaints must contain the date,
              time, timezone, source IP address, destination IP address,
              sending port, receiving port, type of protocol (i.e. TCP, UDP),
              an indication of frequency whether by count for a time frame
              or by list, and specifics of the attack if applicable. Please
              send plain text only - we cannot accept attachments. All other
              issues must contain full details of the problem. Please report
              only recent incidents. All issues are prioritized and may not be
              addressed immediately.
              Phone +1-516-803-2400 (Office)
              Email abuse@cv.net
              WRX
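
An added example, not part of the original post and not the ISP's own tooling: a short Python script that condenses connection log lines into the plain-text fields the abuse contact's comments above ask for in a hacking complaint (date, time, timezone, source and destination IP, sending and receiving port, protocol, frequency by count for a time frame). The log line format, the sample lines and the documentation-range addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample gateway log (not from the thread). Addresses are RFC 5737
# documentation ranges; the line format is an assumption for this example.
SAMPLE_LOG = """\
2011-06-14T02:11:05-05:00 TCP 198.51.100.23:50412 -> 203.0.113.10:443 POST /charge 200
2011-06-14T02:11:09-05:00 TCP 198.51.100.23:50413 -> 203.0.113.10:443 POST /charge 200
2011-06-14T02:14:41-05:00 TCP 198.51.100.77:41877 -> 203.0.113.10:443 POST /charge 200
2011-06-14T02:15:02-05:00 TCP 192.0.2.5:39000 -> 203.0.113.10:443 GET /status 200
"""

# The UTC offset is mandatory: the report has to state the timezone.
LINE_RE = re.compile(
    r"(?P<ts>\d{4}-\d\d-\d\dT[\d:]+[+-]\d\d:\d\d) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) .+")

def parse(log_text):  # one dict per line; lines not matching LINE_RE are skipped
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])  # keeps the UTC offset
            events.append(ev)
    return events

def build_report(events, suspect_ips):
    # Group by (source, destination, protocol, receiving port) so each block
    # of the plain-text report describes exactly one flow pattern.
    groups = defaultdict(list)
    for ev in events:
        if ev["src"] in suspect_ips:
            groups[ev["src"], ev["dst"], ev["proto"], ev["dport"]].append(ev)
    lines = []
    for (src, dst, proto, dport), evs in sorted(groups.items()):
        evs.sort(key=lambda e: e["ts"])
        first, last = evs[0]["ts"], evs[-1]["ts"]
        lines += [
            f"Source IP: {src}", f"Destination IP: {dst}",
            f"Protocol: {proto}", f"Receiving port: {dport}",
            f"Sending ports: {', '.join(e['sport'] for e in evs)}",
            f"First seen: {first:%Y-%m-%d %H:%M:%S} UTC{first:%z}",
            f"Last seen: {last:%Y-%m-%d %H:%M:%S} UTC{last:%z}",
            f"Count: {len(evs)} in {int((last - first).total_seconds())} seconds", ""]
    return "\n".join(lines)

if __name__ == "__main__":
    print(build_report(parse(SAMPLE_LOG), {"198.51.100.23", "198.51.100.77"}))
```

The output is ASCII text that can be pasted into the body of the e-mail, since the contact states that attachments are not accepted.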


              • #8
                Also, PM me if you need help investigating or validating any bugs or vulnerabilities.

                I am a Licensed Penetration Tester.
                WRX


                • #9
                  My company wasn't hacked, it was one of our merchant's processing gateway accounts. In the end they will be liable and we will sue them to get the funds back, but anything I can do to help narrow down where it came from will help.
                  GIFSoup


                  • #10
                    Originally posted by mustang_revival
                    Also, PM me if you need help investigating or validating any bugs or vulnerabilities.

                    I am a Licensed Penetration Tester.
                    You are a licensed "Just-the-tip" dude?


                    • #11
                      Originally posted by mustang_revival
                      I am a Licensed Penetration Tester.
                      ORLY. lol.


                      • #12
                        Originally posted by mirefire 2.0
                        My company wasn't hacked, it was one of our merchant's processing gateway accounts. In the end they will be liable and we will sue them to get the funds back, but anything I can do to help narrow down where it came from will help.

                        Not much more anyone can tell on those IPs unless you subpoena the ISP for a more pinpoint location of origin. Traceroute can be hit or miss in large ISPs due to SNAT'ing, etc.

                        Your only other information source would be your/merchant/gateway account application (or transaction) logs.

                        If you provide more information on what happened we may be able to provide more ideas.
                        WRX


                        • #13
                          Originally posted by roliath
                          You are a licensed "Just-the-tip" dude?
                          Originally posted by GE
                          ORLY. lol.
                          Just trying to make some skrilla
                          WRX


                          • #14
                            Originally posted by mustang_revival
                            Also, PM me if you need help investigating or validating any bugs or vulnerabilities.

                            I am a Licensed Penetration Tester.

                            WTF?

                            Sounds like something that should be in the NSFW forum...


                            • #15
                              Originally posted by 03trubluGT
                              WTF?

                              Sounds like something that should be in the NSFW forum...
                              Or in the Armory.
