Carding via subscriptions to AI services: ChatGPT Plus, Midjourney, Claude

[Good Carder]

From carders to carders. Electronics, gift cards, utility bills — all of these require physical delivery, drop addresses, and resale. But what if I told you there was a way to earn a steady income without ever touching the product? Artificial intelligence services. ChatGPT Plus, Midjourney, Claude Pro — millions of users worldwide pay $20–30 per month for access to these tools. The stolen card pays for the subscription, and you sell access to your forum account for 20–30% of the price. The victim won't notice the charge (it's a small amount), and even if they do, they won't bother with a chargeback. AI services are so eager to attract users that their security is often limited to a basic CVV check. A perfect target for a carder.

In this article, I'll explore why AI services have weak security, how subscriptions are purchased using stolen cards, how account access is sold on shadow forums and Telegram, and the risks of account blocking and how to minimize them.

Part 1: Why AI Services Are an Easy Target for Carders​

1.1. Mass audience, low security threshold​

OpenAI, Midjourney, and Anthropic (Claude) are focused on maximizing user acquisition. Complicating the payment process (3DS, enhanced verification) would lead to a drop in conversion, so they often limit themselves to basic card verification (CVV + AVS). For non-3DS cards, subscriptions are processed without additional confirmation.

Statistics 2026: Stolen subscriptions to AI services have become a real hit on underground markets. Underground forums, Telegram communities, and darknet marketplaces are seeing a rapid shift in priorities: paid accounts for popular AI services such as ChatGPT Plus, Midjourney, and Claude Pro have become one of the most sought-after product categories. While cybercriminals previously targeted streaming platforms or gaming services, the focus has now shifted to artificial intelligence tools. Hacking and reselling access to premium models has become a profitable business.

1.2. Subscription price – the perfect balance​

ChatGPT Plus costs $20 per month, Midjourney costs $10–30, and Claude Pro costs £15 ($20). This isn't the kind of sum that would make a victim file a chargeback with their bank. It's the perfect "under-the-radar" transaction. Fraudsters often use stolen cards to subscribe to ChatGPT Plus, paying $20 monthly, and do so regularly, leaving the victim with constant charges.

2026 stats: Stolen credit cards, available for between £4 and £16 each, fund fraudulent upgrades, seamlessly blending in with legitimate traffic. Free lists of credentials, including 25 OpenAI logins, circulate on forums, allowing fraudsters to bill victims' money.

1.3. Difficulty of returns for the seller​

Even if the victim discovers the charge and initiates a chargeback, the money will be returned by the bank, not by AI. AI will lose the subscription, but not you. You've already sold access to the account. The buyer has already used ChatGPT Plus, Midjourney, or Claude. It's impossible to recover anything from you.

1.4. Global Demand​

ChatGPT Plus is officially unavailable in many countries (Russia, China, Iran). Users in these regions are forced to find workarounds and are willing to pay, even overpaying, for access. This creates a huge resale market. Underground forums actively sell AI API credentials, and guides on hacking AI-based systems are generated.

The case of the organized group 88code.ai: this group has long been engaged in the unauthorized resale of AI services (including Claude, and presumably the ChatGPT/OpenAI API), uses illegal credit cards ("black cards" purchased with USDT on the black market, as well as stolen credit cards of US citizens), and practices fraudulent refund claims. Their illegal income is estimated at approximately 1 million yuan per month ($138,000).

Researchers from Malwarebytes discovered an ad for the sale of over 20 million OpenAI account access codes on a hacker forum. To support their claims, the seller posted samples of the allegedly stolen data.

Part 2. The "Buy a subscription to a stolen card – sell access" scheme​

2.1. Preparation: What you need for the diagram​

• A stolen non-3DS card with a balance sufficient to pay for a subscription ($20-$30).
• Virtual card (VCC) as a cover card. RedotPay, Advcash – issue a card with a STREAM or MEDIA descriptor to mask the transaction.
• A clean account on the target AI service (ChatGPT, Midjourney, Claude). Register using a temporary email address (Guerrilla Mail) or your own domain with a catch-all option. If the service requires phone number verification, use SMS-activate.
• VPN/proxy corresponding to the country of the BIN card (US proxy for US BIN).
• Antidetect browser (Dolphin Anty, Octo). Each account must have a unique fingerprint.
• Sales channels: darknet forums, closed Telegram channels, credential shops.

2.2. Step-by-step algorithm​

1. Account registration. Create an account on the target AI service. Use a fresh email address, a clean proxy, and antidetect. Provide a phone number (if required) via SMS-activate.
2. Choose a plan. ChatGPT Plus ($20/month), Midjourney Basic ($10/month), or Claude Pro ($20/month) offer the optimal balance of price and liquidity. Midjourney Standard ($30/month) carries a higher risk of being blocked.
3. Payment with a stolen non-3DS card. Make sure the card has a balance, including taxes. Pay for the subscription.
4. Change your access details. After successful payment, change your password and email. If the service supports linking your own data, do so. Delete your payment information (if possible).
5. Gaining access. You receive an account with an active subscription. Your costs are $0 (the card was stolen). Cost price is $0.
6. Access for sale on forums. On darknet forums, Telegram channels, and marketplaces, the selling price for a single ChatGPT Plus account is $5–10, which is 25–50% of the official price. Sellers often advertise accounts with "unlimited access," high ratings, and fast code delivery via email. Midjourney and Claude Pro are sold at a similar price.

2.3. Organized schemes and scaling​

According to Flare research, threats use several illicit methods to obtain and resell these accounts. Cybercriminals steal credentials through phishing pages, infostealer logs, credential stuffing attacks, and compromised devices.

On underground forums, in invitation-only communities, and specialized credential stores, accounts are sold at prices below the official subscription price, attracting buyers looking to save money or use AI tools anonymously. These ads often include email and password information, active subscription details, remaining payment terms, and replacement guarantees and proof of access.

A "slicing" scheme: the seller would purchase a ChatGPT Team subscription for 5 seats for $150 and then resell each for $45-50 — up to $100 in net profit per "circle" per month. API keys were even easier to use.

eSentire research uncovers a thriving trade in compromised subscriptions to leading language models such as ChatGPT, Perplexity, and Gemini. These illicit deals often offer discounts of 40% to 75%. For example, one seller offers shared access to ChatGPT Plus for £5.50 per month (officially £15.80), and ChatGPT Pro for £20 per month (officially £158). Buyers are lured by high seller ratings and fast code delivery via email.

Part 3. Risks and how to minimize them​

3.1. Account blocking by AI service​

ChatGPT Plus (OpenAI), Midjourney, and Claude actively monitor for suspicious activity. If the service notices that an account is being used from multiple IP addresses or has an unusual request pattern, it may block the account without explanation.

Solution: After the sale, do not use the account yourself. Transfer access to the buyer and forget about them. Do not attempt to "reuse" the account after the sale.

3.2. The buyer is committing fraud​

A buyer can gain access to an account and then initiate a chargeback through the AI service (if they obtain the payer's details). This will result in the account being blocked, leaving you without funds (unless the buyer has paid upfront).

Solution: Sell only for cryptocurrency (USDT, XMR) through escrow. Do not accept payment after access has been transferred.

3.3. The victim initiates a chargeback​

The owner of the stolen card may notice the charge and dispute it. ChatGPT and other services will receive a chargeback, and the account with the subscription will be blocked. The money will be returned to the victim, and the buyer will lose access. Your reputation on the forum will be damaged.

Solution: sell accounts with a short guarantee (24-48 hours). Don't promise long-term stability.

3.4. AI service tightens security​

OpenAI, Anthropic, and Midjourney are constantly improving their fraud detection systems. They may introduce mandatory SMS verification, 3DS requests for new subscriptions, IP verification, and so on. What works today may not work tomorrow.

Solution: diversify. Don't put all your eggs in one basket — use ChatGPT Plus, Midjourney, and Claude Pro. Test new methods on small amounts before scaling.

3.5. Infostealers as a threat to buyers​

Infostealers (RedLine, Vidar, Lumma) are actively used to steal AI service accounts. Fraudsters selling access to ChatGPT Plus and Midjourney often obtain these accounts themselves through malware, which creates an additional risk for buyers — the account can be compromised again.

3.6. Phishing schemes under the guise of OpenAI and Anthropic​

Fraudsters are sending mass emails claiming to be OpenAI, demanding they "update their payment method" for ChatGPT Plus. The victim is redirected to a fake page, enters their card details, and the fraudsters receive them. OpenAI never asks for card details via links in emails.

Similar phishing campaigns disguise themselves as notifications about payment issues with Claude subscriptions, redirecting victims to fake pages that collect card details.

How to exploit this: Not only do you pay for subscriptions with stolen cards, but you can also collect CVVs yourself through phishing pages impersonating OpenAI and Anthropic. This provides an additional source of cards for your scheme.

Part 4. Checklist for Carding AI Subscriptions​

• Choose a service: ChatGPT Plus (the most liquid), Midjourney (popular among designers), Claude Pro (alternative).
• Prepare a stolen non-3DS card with a balance of $20-30. A US Fullz with billing is best.
• Set up the infrastructure: antidetect, residential proxy (country = BIN), clean fingerprint.
• Register an account on the AI service using a temporary email.
• Pay for your subscription with a stolen card.
• Change your password and email after payment. Delete your payment information (if possible).
• Sell your access on a darknet forum, Telegram channel, or a specialized credential store. Price: $5–$10 (25–50% of the cost).
• Receive payment in cryptocurrency (USDT, XMR) via escrow.
• Don't reuse the account. Once sold, forget about it.
• To scale, use a pool of stolen cards, various proxies and antidetect profiles, and combine different AI services.

Summary​

AI subscription carding is a simple, scalable, and low-risk scheme for carders. A stolen non-3DS card pays for a ChatGPT Plus, Midjourney, or Claude Pro subscription for $20-30. You sell account access on shadow forums for $5-10. Cost is $0. Profit is $5-10 per account. When scaling to 100 accounts per day, the net profit is $500-1,000.

AI services are so eager to attract users that their security is often limited to a basic CVV check. Growing interest in AI tools, especially in countries where they are officially unavailable, creates a huge demand for "gray" accounts. And organized resale schemes like 88code.ai earn fraudsters millions of dollars per year. The main risks are account blocking by the service and fraud on the part of the buyer. Use non-3DS cards, disguise your tracks, and sell through escrow. With OPSEC compliance, AI subscriptions can become a stable source of income with an ROI of 500% or more.

A quick one-line reminder:
"ChatGPT Plus for $20 + a stolen card = account. Sell on the darknet for $5-10. 100 accounts per day = $500-1,000. Non-3DS BIN, antidetect, and proxy are your tools. The main risk is account blocking. Don't be greedy, sell through escrow, and don't use the same account twice."