Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials.
Researchers from threat intelligence firm Cyble noticed the leak of the payment-card data during a “routine monitoring of cybercrime and Dark Web marketplaces,” researchers said in a post published over the weekend. The cards were published on an underground card-selling market, AllWorld.Cards, and stolen between 2018 and 2019, according to info posted on the forum.
The leaked credit cards include the following fields: Credit-card number, expiration date, CVV, name, country, state, city, address, ZIP code, email and phone number, according to threat actors.
More about Stolen Credit Cards
The black market for stolen credit cards is a massive illegal business, with cybercriminals getting their hands-on card data in a number of ways. Point-of-sale card skimmers, targeted Magecart attacks on websites and info-stealing trojans are among their top tools for stealing credit card data.
Indeed, in the last six months of 2020 alone, threat actors offered more than 45 million compromised cards for sale in underground credit-card markets monitored by security firm Cybersixgill, the company said in a report. These cards are then used by cybercriminals to make online purchases, including buying gift cards, that are hard to track back to them.
How Many Cards Are Still Active?
The curators of AllWorld.Cards began flogging their cybercriminal services on carding sites in early June, ostensibly to drum up new business, researchers from Italian firm D3 Lab noted in a separate blog post detailing the leak, published last Friday.
“It is conceivable that the data was shared for free to entice other criminal actors to frequent their site…by purchasing additional stolen data from unsuspecting victims,” according to the post (machine-translated from Italian).
There is some uncertainty about how many of the cards are actually still active and available for cybercriminals to use. Cyble researchers noted that threat actors claimed that 27 percent, according to a random sampling of 98 cards, are still active and can be used for illegal purchasing.
However, according to D3 Lab’s own analysis—which involved sending the credit-card numbers to client banks “to carry out the appropriate mitigation actions” — researchers found that closer to 50 percent of the cards are “still operational, not yet identified as compromised,” they said.
Cyble posted a list of the top 500 banks affected by the leak of stolen credit cards in descending order. Of the banks, 72,937 of the cards were associated the State Bank of India; 38,010 with Banco Santander (Brazil); 30480 with a U.S. bank based in Ohio called Sutton Bank; 27,441 with JP Morgan Chase Bank N.A.; and 24,307 with BBVA Bancomer S.A., a bank based in Mexico.
Ways Your Credit Card Information Can Be Stolen
Stolen information is “when a fraudster has access to your credit card number and can make purchases,” Sutherland says. “Fraudsters are very keen. It may be an email or phone call or a fake website. They will go for whatever process will be most effective for their target audience.”
Here are some examples:
- Lost or stolen cards: A person physically possesses your credit card and uses it to make purchases.
- Phishing: A fraudster uses a text message, phone call, or email to impersonate a legitimate person or institution to get you to hand over sensitive information.
- Counterfeit: Credit card or other accounts opened using stolen information from real people.
- Credit card skimming: A device that steals credit or debit card information from card readers such as a gas pump or ATM. It’s not as common as it used to be, due to retailers moving away from the magnetic stripe toward the more secure chip cards, though it still occurs.
- Public Wi-Fi networks: A shared internet connection means no privacy. Even if you’re on your own device or on a secure website, you could be vulnerable to hackers if you reveal your credit card or bank information while on a public network.
- Spyware and malware: Spyware is a type of malware (malicious software) that collects your personal information in the background of your computer. It silently records your browser history and keystrokes for cybercriminals, allowing them to impersonate you or sell your data.
- Data breaches: When a company you’ve entrusted with your confidential information is hacked, your credit card info is vulnerable to fraudsters to collect and misuse.
- Familial fraud: Familial fraud occurs when a family member, friend, or someone you know has used your card or opened an account in your name without authorization, says Sutherland. This is one of the more difficult forms of fraud to contend with, as it involves a person you know stealing your identity. It is still possible, though, to clear your name and not be held liable for charges you didn’t make.
If you find it interesting, you can read:
Ref: d3lab, threatpost, time