11 August 21, 17:06
Quote:Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials.
Researchers from threat intelligence firm Cyble noticed the leak of the payment-card data during a “routine monitoring of cybercrime and Dark Web marketplaces,” researchers said in a post published over the weekend. The cards were published on an underground card-selling market, AllWorld.Cards, and stolen between 2018 and 2019, according to info posted on the forum.
The leaked credit cards include the following fields: Credit-card number, expiration date, CVV, name, country, state, city, address, ZIP code, email and phone number, according to threat actors.
AllWorld.Cards appears to be a relatively new player to the market for selling stolen credit-card data on the Dark Web, according to Cyble. “Our analysis suggests that this market has been around since May 2021 and is available on a Tor channel as well,” according to the post.
The black market for stolen credit cards is a massive illegal business, with cybercriminals getting their hands on card data in a number of ways. Point-of-sale card skimmers, targeted Magecart attacks on websites and info-stealing trojans are among their top tools for stealing credit-card data.
Indeed, in the last six months of 2020 alone, threat actors offered more than 45 million compromised cards for sale in underground credit-card markets monitored by security firm Cybersixgill, the company said in a report. These cards are then used by cybercriminals to make online purchases, including buying gift cards, that are hard to track back to them.
Read more: 1M Stolen Credit Cards Hit Dark Web for Free