Dark web hackers selling 400,000 South Korean & USA credit card data -darkwebmag

“The planet’s most valuable resource is no longer oil, but data,” according to The Economist. The cyber-criminal community is well aware of this fact, which is why, every now and then, we read about troves of personal and financial data being sold on the dark web or on some hacker forum.

In the latest case, while taking a break from COVID-19-related scams, cyber-criminals have been caught selling 400,000 payment card (debit and credit card) records. These records were identified by Group-IB, a cybersecurity company.

According to the company, the database is being marketed on Joker’s Stash, which is among the largest online marketplaces for carding.

Totaling 397,365, the records come from different financial organizations and break down geographically as follows:

  1. 198,233 records are from South Korea: around 49.9 percent
  2. 199,132 records are from the US: around 49.3 percent

All of these are being sold for a price of $1,985,835, which translates to $5 per record. However, as is usual with such stolen data, not all of them will work, and the sellers themselves have promised only a 30-40% validity rate.

As seen in the above advertisement found for the database, there is no mention of South Korea at all, which is odd considering that such accounts form most of the records.

The importance of this stems from the fact that US-based records are commonly found underground, whereas the South Korean ones are something new, with the researchers commenting:

“It is the largest sale of South Korean records on the dark web in 2020, which leads to the rising popularity of APAC-issued card dumps in the underground.”

As seen in the image of the records obtained below, they are sometimes categorized as containing Track 2 information, which comprises the bank identification number (BIN), the account number, the expiration date, and sometimes the card verification value (CVV).

Moreover, although where this information originated remains a mystery, it is very likely that it came from infected point-of-sale (POS) programs, skimmed ATMs, or infected merchant payment systems.

It’s worth noting that Joker’s Stash is the same market where countless stolen Wawa credit card records, the largest database of Indian payment card records, and most recently half a million payment card records stolen from some of the biggest banks in India were sold.

As for the latest records, an intelligence analyst at Group-IB has said:

“Although there is not enough information in this dump to make online purchases, fraudsters who purchase this data can still cash out the stolen records.”

Furthermore, attention should also be paid to how attackers can make cloned cards using the information obtained to withdraw money or make fraudulent purchases.

In conclusion, the incident has been reported to the proper authorities, and action is already being taken. A good step for users is to enable two-factor authentication for all online transactions made with their credit/debit cards.

If you are from either of these countries and believe you might have been compromised, calling your bank and obtaining information from them at this time is highly recommended. You can also change your card PIN or ask the bank to issue a new card. All of these steps would keep your money safe.

About chainsoff.

Intelligence Media Service, Monitors and Analyzes Extremists’ activities, including and not limited to: The Muslim Brotherhood, Kurdish Terrorism, Syrian Politics, Jabhet Al-Nusra, Hezbollah, Cyber Crime, and Taliban activities in Syria. Well known for her deep knowledge on Terrorism. Open Source Exploitation expert in the discovery, collection, and assessment of foreign-based publicly available information, also known as Open Source Intelligence (OSINT), HIMNT