umh2809-CE

Carding is a term describing the trafficking of credit other carding sites and forum 'dump shops’[10] specialis- card, bank account and other personal information on- ing in these types of illegal goods.[11] [1] line as well as related services. Carding activi- On the more sophisticated of such sites, individual ties also encompass procurement of details,[2] and money [3] 'dumps’ may be purchased by zip code and country so as laundering techniques. Modern carding sites have been [12] [4] to avoid alerting banks about their misuse. Automatic described as full-service commercial entities. checker services perform validation en masse in order to quickly check if a card has yet to be blocked. Sellers will advertise their dump’s 'valid rate', based on estimates or 1 Acquisition checker data. Cards with a greater than 90% valid rate command higher prices. 'Cobs’ or changes of billing are highly valued, where sufficient information is captured to allow redirection of the registered card’s billing and ship- ping addresses to one under the carder’s control.[13] Full identity information may be sold as 'Fullz' inclusive of social security number, data of birth and address to perform more lucrative .[14] Fraudulent vendors are referred to as 'rippers’, vendors who take buyer’s money then never deliver. This is in- creasingly mitigated via forum and store based feedback systems as well as through strict site invitation and refer- ral policies.[15] Whist some carding forums will exist only on the , today most exist on the internet, and many will use the Cloudflare network protection service.[16][17][18] Screenshot of a carding site Estimated per card prices, in US$, for stolen payment card data 2015[19] There are a great many of methods to acquire and associated financial and personal data. The earli- est known carding methods have also included 'trashing' for financial data, raiding mail boxes and working with insiders.[5][6] Some bank card numbers can be semi- 3 automatically generated based on known sequences.[7] Today, various methodologies include skimmers at The 2004 investigation into the ShadowCrew forum also ATMs, hacking an ecommerce or payment processing led to investigations of the online payment service E- site or even intercepting card data within a point of sale gold that had been launched in 1996, one of the pre- network.[8] Randomly calling hotel room phones asking ferred money transfer systems of carders at the time. guests to 'confirm' credit card details is example of a In December 2005 its owner Douglas Jackson’s house social engineering attack vector.[9] and businesses were raided as a part of 'Operation Gold- wire'. Jackson discovered that the service had become a bank and transfer system to the criminal underworld. Pressured to disclose ongoing records disclosed to law 2 Resale enforcement, many arrests were made through to 2007. However, in April 2007 Jackson himself was indicted Stolen data may be bundled as a 'Base' or 'First-hand base' for money laundering, conspiracy and operating an unli- if the seller participated in the theft themselves. Resellers censed money transmitting business. This led to the ser- may buy 'packs’ of dumps from multiple sources. Ul- vice freezing the assets of users in 'high risk' countries and timately, the data may be sold on darknet markets and coming under more traditional financial regulation.[20]

1 2 5 HISTORY

Since 2006, had become a popular ser- vice for cybercriminals. When it was seized in May 2013 by the US government, this caused a major disruption to the ecosystem.[21] Today, some carders prefer to make payment between themselves with ,[22][23] as well as traditional wire services such as , MoneyGram or the Rus- sian WebMoney service.[24][25] Funds from stolen cards themselves may be cashed out via buying pre-paid cards, gift cards or through reshipping goods though mules then reselling through Screenshot from AOHell online marketplaces like eBay.[26][27] Increased law en- forcement scrutiny over reshipping services has led to the rise dedicated criminal operations for reshipping stolen goods.[28][29] sive guides on 'Carding Across America', burglary, fax fraud, supporting ,[40] and advanced techniques for maximizing profits.[41] During the 1980s the majority 4 Related services of hacker arrests were attributable to carding-related ac- tivities due to the relative maturity of financial laws com- Many forums also provide related computer crime ser- pared to emerging computer regulations.[39] [30] vices such as kits, and spam lists. Started in 1989, by 1990 was They may also act as a distribution point for the latest [31] launched by the United States Secret Service to crack fraud tutorials either for free or commercially. ICQ down on use of BBS groups involved in was at one point the instant messenger of choice due to and other illegal computer activities, the most highly pub- its anonymity as well as MSN clients modified to use [32] licised action by the US federal government against hack- PGP. ers at the time.[42] The severity of the crack down was Other account types like PayPal,[33] ,[34] Netflix and so much that the Electronic Freedom Foundation was loyalty card points may be sold alongside card details.[35] formed in response to the violation of civil liberties.[43] Logins to many sites may also be sold such a site In the mid-1990s with the rise of AOL dial-up accounts, access apparently for major institutions such as banks, [19] the AOHell software became a popular tool for phishing universities and even industrial control systems. and stealing information such as credit card details from Tax refund fraud is an increasingly popular method of new Internet users.[44] Such abuse was exacerbated be- using identify theft to acquire prepaid cards ready for im- cause prior to 1995 AOL did not validated subscription mediate cash out.[3][36] Popular coupons may be counter- credit card numbers on account creation.[45] Abuse was feited and sold also.[37] so common AOL added "no one working at AOL will ask for your password or billing information" to all instant Personal information and even medical records are some- messenger communications. Only by 1997 when times available.[19] Theft and gift card fraud may operated and phishing were pushed off the service did these types entirely independently of online carding operations.[38] of attacks begin to decline.[45] December 1999 featured an unusual case of 5 History when Maxim, a Russian 19-year-old, stole the 25,000 users’ card details from CD Universe and demanded $100,000 for its destruction. When the ransom was not 5.1 1980s–1999 paid, the information was leaked on the Internet.[46]

Since the 1980s[39] in the days of the dial-up BBSes, the One of the first books written about carding, 100% In- term carding has been used to describe the practices sur- ternet Credit Card Fraud Protected, featured content pro- rounding credit card fraud. Methods such as 'trashing', duced by 'Hawk' of carding group 'Universal Carders’. raiding mail boxes and working with insiders at stores It described the spring 1999 hack and credit card theft were cited as effective ways of acquiring card details. on CyberCash, the stratification of carder proficiencies Use of drops at places like abandoned houses and apart- ( through to professionals) common pur- chases for each type and basic phishing schemes to ac- ments or with persuadable neighbors near such a location [47] were suggested. Social engineering of mail order sales quire credit card data. representatives are suggested in order to provide passable By 1999, United States offline and online credit card fraud information for card not present transactions.[6] Charac- annual losses were estimated at between $500,000 and $2 ters such as 'The Video Vindicator' would write exten- million.[47] 5.3 2007–present 3

5.2 2000–2006

From the early 2000s, sites like 'The Counterfeit Library', also functioning as a diploma mill, grew to prominence, with many of its members going on to join larger cy- bercrime websites in later years until it closure around September 2004.[32] In 2001 Russian speaking hackers founded CarderPlanet in Odessa which would go on to be one of the most noto- rious forums of its kind.[48] In the summer of 2003, separate US secret service and FBI investigations led to the arrest the top administra- Master Splynter explaining DarkMarket's invite and vendor poli- cies of the large ShadowCrew carding forums, turned informant as a part of 'Operation Fire- wall'. By March 2004, the administrator of 'Carder- as inter-forum rivalry. In 2007 details of the operation Planet' disappeared with Gonzalez taking over. In Octo- was revealed to German national police, that the NCFTA ber 2004 dozens of ShadowCrew members were busted had successfully penetrated the forum’s inner 'family'. By across the US and Canada. Carder’s speculate that one of October 4, 2007 Mularski announced he was shutting the the USSS infiltrators might have been detected by a fellow site due to unwanted attention from a fellow administra- site member causing the operation to be expedited.[32] Ul- tor, ironically framed as 'too much attention' from law timately, the closure of ShadowCrew and CarderPlanet enforcement.[56] For several years following site closure did not reduce the degree of fraud and led to the prolif- multiple arrests were made internationally.[57] eration of smaller sites.[49][50] From 2004 through to 2006, CardersMarket assimi- ShadowCrew admin Brett Shannon Johnson managed to lated various rival forums through marketing, hacking avoid being arrested at this time, but was picked up in databases.[58] Arrested in 2007, in 2010 the site’s owner 2005 on separate charges then turned informant. Con- was sentenced to 13 years in prison.[59] tinuing to commit tax fraud as an informant, 'Operation Anglerphish' embedded him as admins on both Scandi- navianCarding and CardersMarket. When his continued 5.3 2007–present carding activities were exposed as a part of a separate investigation in 2006, he briefly went on the run before In more recent years, Russian language forums forums being caught for good in August of that year.[51] have gained dominance over English language ones, with In June 2005 the credit card processing company the former considerably more adept at identifying secu- rity researchers and counterintelligence activities[60] and CardSystems was hacked in what was at the time the [2] largest personal information breach in history with many strict invitation systems. Russia’s lack of extradition of the stolen information making its way to carding treaty with the United States has made the country some- sites.[13] Later in 2007 the TJX Companies breach per- what of a safe haven of cyber criminals, with the Rus- sian foreign ministry going as far as to recommend citi- petuated by Albert Gonzalez (who was still an informant [61] at the time)[52] would only come to the public’s attention zens not travel abroad to countries with such treaties. after stolen cards detected being misused to buy large Investigative journalist has extensively re- [53] ported on Russian carders as an ongoing game of cat and amounts of gift cards. Gonzalez’s 2008, intrusion into [62] Heartland Payment Systems to steal card data was charac- mouse. terized as the largest ever criminal breach of card data.[54] Since 2007 to present, Operation Open Market, an oper- Also in June 2005, UK-based carders were found to be ation run by the HIS and the USSS has targeted the pri- marily Russian language Carder.su organisation, believed collaborating with Russian mafia and arrested as a result [63] of a National Hi-Tech Crime Unit investigation, looking to be operating out of Las Vegas. In 2011, alleged site into Eastern European crime syndicates.[32][55] owner Roman Seleznev was apprehended in the Maldives by US law enforcement[64][65] and in 2012, identity thief Some time in 2005, J. Keith Mularski from the National David Ray Camez was arrested and charged in an un- Cyber-Forensics & Training Alliance headed up a sting precedented use of RICO legislation.[66][67] into popular English language site DarkMarket.ws. One of the few survivors of 'Operation Firewall', Mularski was In 2011, former Bulgarian ShadowCrew member Aleksi able to infiltrate the site via taking over the handle 'Mas- Kolarov aka APK was finally arrested and held Paraguay before being extradited to the United States in 2013 to ter Splynter', an Eastern European spammer named Pavel [68] Kaminski. In late 2006 the site was hacked by Max But- face charges. ler, who detected user 'Master Splynter' had logged in In June 2012, the FBI seized carding and hacking forums from the NCFTA’s offices, but the warning was dismissed UGNazi.com and Carders.org in a sting as a part of a 2- 4 9 REFERENCES year investigation dubbed Operation Card Shop.[1] after 9 References setting up a forum at carderprofit.cc.[69] In August 2013, hacker and carding forum HackBB was [1] J. Schwartz, Mathew (27 June 2012). “FBI Busts Massive taken down as part of the raid on .[70] International Carding Ring”. Retrieved 11 August 2015. In January 2014, fakeplastic.net was closed following [2] DeepDotWeb (18 March 2015). “ Market an investigation by the US postal service and FBI, af- Background: Carding Forums, Ponzi Schemes & LE”. ter collating previously seized information from TorMail, Retrieved 27 August 2015. ShadowCrew and Liberty Reserve. This led to mul- [3] Krebs, Brian (4 August 2014). "‘White Label’ Money tiple arrests and prosecutions as well as the site’s Laundering Services”. Retrieved 23 August 2015. closure.[71][72][73] [4] van Hardeveld, Gert Jan (26 October 2015). “Stolen Talk- A 2014 report from Group-IB suggested that Russian cy- Talk customer details: time bombs that may tick a while bercriminals could be making as much as $680 million a before being triggered”. Retrieved 19 December 2015. year based on their markets research.[74] In December 2014 the Tor based Tor Carding Forum [5] Zetter, Kim (19 December 2013). “Target Admits Mas- sive Credit Card Breach; 40 Million Affected”. Retrieved closed following a site hack, with its administrator 'Verto' 8 August 2015. directing users to migrate to the Evolution darknet mar- ket's[75] forums[76] which would go on to be the largest [6] Wizzard, Black. “The Art of Carding”. textfiles.com. Re- exit scam ever seen.[77][78] trieved 13 August 2015.

'Alpha02', who was notorious for his carding guides, went [7] “Credit Card Bin Attack Fraud”. Retrieved 12 November [79] on to found the AlphaBay darknet market, the first to 2015. ever deal in stolen Uber accounts.[80] The site is work- ing on rebuilding the damage to the reputation of mar- [8] Ilascu, Ionut (11 August 2014). “Russian Point-of-Sale kets founded by carders precipitated by the Evolution Hacker Pleads Not Guilty in US Court”. Retrieved 14 scam.[81] Meanwhile, most Russian carders selling details September 2015. do not trust the darknet markets due to the high level [9] Weisbaum, Herb. “Summer travel alert: Scammer target of law enforcement attention, however buyers are more hotel guests”. Retrieved 20 September 2015. open.[82] [10] Shah, Khushbu (9 April 2015). “Meet the Man Crusading Against Restaurant Credit Card Hackers”. Retrieved 31 August 2015. 6 See also [11] Krebs, Brian (4 June 2014). “Peek Inside a Professional Carding Shop”. Retrieved 8 August 2015. • Credit card fraud [12] Montemayor, Stephen (2 August 2015). “Out-of-state • Darknet market criminals bring cloned credit card schemes to Twin Cities”. Retrieved 2 August 2015.

• Identity theft [13] Zeller JR, Tom (21 June 2005). “Black Market in Stolen Credit Card Data Thrives on Internet”. Retrieved 13 Au- • gust 2015.

[14] Ducklin, Paul (5 November 2012). “Credit card fraud - want to join the party?". Retrieved 8 August 2015. 7 External links [15] Vijayan, Jaikumar (6 May 2015). “The identity under- world: How criminals sell your data on the Dark Web”. • http://textfiles.com/anarchy/CARDING/ Retrieved 16 August 2015.

[16] “Carders love ”. Retrieved 2 August 2015. 8 Further reading [17] Yadron, Danny (29 September 2014). “CloudFlare Pushes More Encrypted Web”. Retrieved 10 August 2015. • Kingpin: The true story of Max Butler, the mas- ter hacker who ran a billion dollar cyber crime net- [18] Kovacs, Eduard (17 March 2014). “Underground Pay- ment Card Store Rescator Hacked and Defaced”. Re- work[83] trieved 10 August 2015.

• DarkMarket: How Hackers Became the New [19] “The Hidden Data Economy” (PDF). Retrieved 17 Octo- Mafia[84] ber 2015. 5

[20] Zetter, Kim (9 June 2009). “Bullion and Bandits: The Im- [41] “Textfile Writing Groups: The Video Vindicator”. probable Rise and Fall of E-Gold”. Retrieved 13 August textfiles.com. Retrieved 13 August 2015. 2015. [42] Sterling, Bruce (1994). “Part Three: Law and Order”. [21] Halpern, Jake (May 2015). “Bank of the Underworld”. The Hacker Crackdown: Law And Disorder On The Elec- Retrieved 16 August 2015. tronic Frontier. New York: Bantam Books. ISBN 0-553- 56370-X. Retrieved 2009-03-08. [22] Kiell (11 December 2014). “A Carder’s First Experi- ence”. Retrieved 18 August 2015. [43] Charles, Dan (1990-07-21). “Crackdown on hackers 'may violate civil rights’". New Scientist. Retrieved 2009-03- [23] Kujawa, Adam (24 January 2014). “FBI Takes Down 08. Poorly Secured Carders”. Retrieved 23 August 2015. [44] LANGBERG, MIKE (8 September 1995). “AOL ACTS [24] PULKKINEN, LEVI (16 January 2015). “Piles of cash, TO THWART HACKERS”. Retrieved 13 August 2015. bunches of bling and a public defender?". Retrieved 16 August 2015. [45] “Phishing: General Information”. Retrieved 13 August 2015. [25] Krebs, Brian (14 July 2014). “Feds Charge Carding King- pin in Retail Hacks”. Retrieved 16 August 2015. [46] MARKOFF, JOHN (10 January 2000). “Thief Reveals Credit Card Data When Web Extortion Plot Fails”. Re- [26] Krebs, Brian (3 November 2015). “How Carders Can Use trieved 16 August 2015. eBay as a Virtual ATM”. Retrieved 5 November 2015. [47] Vesper (2000). 100% Internet Credit Card Fraud Pro- [27] Westin, Ken (21 December 2013). “Stolen Target Credit tected. ISBN 1552125343. Retrieved 16 August 2015. Cards and the Black Market: How the Digital Under- [48] Farivar, Cyrus (12 December 2013). “Ukrainian fraudster ground Works”. Retrieved 11 August 2015. and CarderPlanet “Don” finally sentenced to 18 years”. [28] Krebs, Brian (12 October 2011). “Shady Reshipping Cen- Retrieved 16 August 2015. ters Exposed, Part I”. Retrieved 23 August 2015. [49] Zetter, Kim (1 February 2007). “Crime Boards Come [29] Krebs, Brian (4 August 2014). "‘White Label’ Money Crashing Down”. Retrieved 11 August 2015. Laundering Services”. Retrieved 23 August 2015. [50] Zetter, Kim (1 July 2013). “9 Years After Shadowcrew, [30] Leinwand Leger, Donna (19 October 2014). “How stolen Feds Get Their Hands on Fugitive Cybercrook”. Re- credit cards are fenced on the Dark Web”. Retrieved 8 trieved 11 August 2015. August 2015. [51] Zetter, Kim (6 June 2007). “Secret Service Operative Moonlights as Identity Thief”. Retrieved 16 August 2015. [31] Jackson Higgins, Kelly (15 December 2014). “Price Tag Rises For Stolen Identities Sold In The Underground”. [52] Hacker Charged With Heartland, Hannaford Breaches - Retrieved 17 August 2015. wired.com - August 17, 2009

[32] Allen, Hoffmann (5 January 2015). “Before DarkNet- [53] Hines, Matt (21 March 2007). “Stolen TJX data used in Markets Were Mainstream”. Retrieved 16 August 2015. Florida crime spree”.

[33] Krebs, Brian (October 5, 2011). “How Much is That [54] King, Rachael (6 July 2009). “Lessons from the Data Phished PayPal Account?". Retrieved 2 September 2015. Breach at Heartland”. Retrieved 8 June 2014.

[34] Hackett, Robert (30 March 2015). “Stolen Uber user lo- [55] “Phishing pair jailed for ID fraud”. 29 June 2005. Re- gins are for sale on the dark web: only $1 each”. Retrieved trieved 16 August 2015. 2 September 2015. [56] Poulsen, Ken (13 October 2008). “Cybercrime Supersite [35] Paganini, Pierluigi (15 May 2015). “Hacking communi- ‘DarkMarket’ Was FBI Sting, Documents Confirm”. Re- ties in the Deep Web”. Retrieved 13 September 2015. trieved 13 August 2015.

[36] Krebs, Brian (15 August 2015). “IRS: 330K Taxpayers [57] Davies, Caroline (14 January 2010). “Welcome to Dark- Hit by ‘Get Transcript’ Scam”. Retrieved 23 August 2015. Market – global one-stop shop for cybercrime and banking fraud”. Retrieved 13 August 2015. [37] Cox, Joseph (14 January 2016). “Dark Web Vendor Sen- tenced for Dealing Counterfeit Coupons”. Retrieved 24 [58] Acohido, Byron (11 October 2006). “Cybercrime flour- January 2016. ishes in online hacker forums”. Retrieved 11 August 2015. [38] "'Operation Plastic Paradise' nets 18 arrests in $2 million gift card scheme”. WFTV. 14 December 2015. Retrieved [59] Poulsen, Kevin (12 February 2010). “Record 13-Year 19 December 2015. Sentence for Hacker Max Vision”. Retrieved 11 August 2015. [39] “Credit Cards for fun and profit!". textfiles.com. [60] Howard, Rick. Cyber Fraud: Tactics, Techniques and Pro- [40] “Hacking Calling Cards”. cedures. p. 117. ISBN 978-1420091274. 6 9 REFERENCES

[61] Poulsen, Kevin (4 September 2013). “Russia gives travel [80] “Stolen Uber Customer Accounts Are for Sale on the Dark advice to its hackers: don't leave the motherland”. Re- Web for $1”. Motherboard. trieved 16 August 2015. [81] G, Joshua (20 April 2015). “Interview With AlphaBay [62] Clements, Sam (8 August 2013). “Cyber Criminals Hate Market Admin”. Retrieved 18 August 2015. Brian Krebs So Much They're Sending Heroin and SWAT Teams to His Home”. Retrieved 16 August 2015. [82] G, Joshua (11 April 2015). “Darknetmarkets And Their Reputation in The Russian Community”. Retrieved 27 [63] “Federal Authorities Arrest 19 Persons in Operation August 2015. “Open Market"". 16 March 2012. Retrieved 8 August 2015. [83] Poulsen, Kevin (2011). Kingpin: The true story of Max Butler, the master hacker who ran a billion dollar cyber [64] Krebs, Brian (8 July 2014). “Feds Charge Carding King- crime network. ISBN 0733628389. Retrieved 16 August pin in Retail Hacks”. Retrieved 16 August 2015. 2015.

[65] Chiacu, Doina (8 July 2014). “Moscow accuses United [84] Glenny, Misha (2 October 2012). DarkMarket: How States of 'kidnapping' Russian hacker”. Retrieved 16 Au- Hackers Became the New Mafia. ISBN 9780307476449. gust 2015. Retrieved 16 August 2015.

[66] “US cyber-thief gets 20-year jail term”. 19 May 2014. Retrieved 16 August 2015.

[67] J. Schwartz, Mathew (12 December 2013). “Cybercrime Milestone: Guilty Verdict In RICO Case”. Retrieved 16 August 2015.

[68] Zetter, Kim (1 July 2013). “9 Years After Shadowcrew, Feds Get Their Hands on Fugitive Cybercrook”. Re- trieved 16 August 2015.

[69] Krebs, Brian (26 June 2012). "'Carderprofit’ Forum Sting Nets 26 Arrests”. Retrieved 11 August 2015.

[70] Neal, Meghan (5 August 2013). “To Bust a Giant Porn Ring, Did the FBI Crack the Dark Web?". Retrieved 2 August 2015.

[71] Kovacs, Eduard (25 January 2014). “Operators of Credit Card Counterfeiting Service Fakeplastic.net Charged”. Retrieved 25 November 2015.

[72] “Mastermind of Online Counterfeit Card Retail Shop Pleads Guilty”. FBI. 25 September 2014. Retrieved 25 November 2015.

[73] Krebs, Brian (14 January 2015). “Feds Infiltrate, Bust Counterfeit Card Shop”. Retrieved 25 November 2015.

[74] E Dunn, John (16 October 2014). “Russian cybercrim- inals made $680 million from stolen credit cards”. Re- trieved 16 August 2015.

[75] Wired Staff (1 January 2015). “The Most Dangerous Peo- ple on the Internet Right Now”. Retrieved 1 August 2015.

[76] Farivar, Cyrus (19 December 2014). “After Silk Road takedowns, Dark Web drug sites still thriving”. Retrieved 1 August 2015.

[77] Krebs, Brian (2015-03-18). “Dark Web’s ‘Evolution Mar- ket’ Vanishes”. Krebs on Security. Retrieved 2015-03-18.

[78] DeepDotWeb (10 May 2014). “Evolution Marketplace Staff Speak: We are growing fast!". Retrieved 16 August 2015.

[79] Cox, Joseph (23 April 2015). “The Kalashnikov Carding Club”. Retrieved 16 August 2015. 7

10 Text and image sources, contributors, and licenses

10.1 Text

• Carding (fraud) Source: https://en.wikipedia.org/wiki/Carding_(fraud)?oldid=705084681 Contributors: Xanzzibar, Rpyle731, Deku- shrub, Ladislav Mecir, Steel1943, Mild Bill Hiccup, Niceguyedc, Arjayay, Yobot, AnomieBOT, LilHelpa, FrescoBot, Skakkle, John of Reading, BG19bot, Aisteco, Delilah Grams and Anonymous: 6

10.2 Images

• File:Carding_screenshot.jpg Source: https://upload.wikimedia.org/wikipedia/en/0/0e/Carding_screenshot.jpg License: Fair use Contributors: Original publication: Tripwire

Immediate source: http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/ Original artist: Possibly Tor Carding Forum • File:DarkMarket_screenshot.jpg Source: https://upload.wikimedia.org/wikipedia/en/1/16/DarkMarket_screenshot.jpg License: Fair use Contributors: DarkMarket Original artist: Max Butler • File:Screenshot_of_AOHell.jpg Source: https://upload.wikimedia.org/wikipedia/en/8/86/Screenshot_of_AOHell.jpg License: Fair use Contributors: http://www.digital5k.com/aol-progz-a-digital-throw-back-to-aol-1995/ Original artist: AOHell

10.3 Content license

• Creative Commons Attribution-Share Alike 3.0