Joker’s Stash has recently been in the news for its role in uploading and selling millions of payment card records. Their intention to come up with a bunch of credit and debit card details from major banks across the world came to light when they earlier staged a massive infrastructure upgrade to accommodate a large volume of stolen information.
The recent news according to the Group -IB is that the platform has uploaded about 461,976 payment card records from Indian banks and offering them for sale for $9 each.
According to the report published by the Group-IB, a database called “INDIA-BIG-MIX” (Full name: (CC) INDIA-BIG-MIX (FRESH SNIFFED CVV) INDIA/EU/WORLD MIX, HIGH VALID 80-85%, uploaded 20-02-05 (NON-REFUNDABLE BASE) found its way onto the site on 5 February 2020.
Image Source: www.technadu.com
The report estimates that the uploaded payment card records are 98% Indian cards. This has been a course for concern as India has suffered much from the hands of hackers. This is the second-largest uploaded Indian Payment card records after the earlier reported incident which affected a number of Indian banks. The researchers revealed that as at 6 February 2020, 16 of the uploaded cards had been sold already.
The researchers disclosed that the uploaded payment card records include the Expiration date, CVC/CVV credit card, and debit card numbers. The database found contains more details of the affected individuals and this includes the cardholder’s name, their phone numbers, their addresses, and their email addresses. These are meant to fetch them around $4.2 million underground revenue from all the payment card records in the database.
Soon after the discovery, the researchers notified the Indian Computer Emergency Response Team. They are expected to take the necessary action to protect the affected victims and devise ways to minimize the impact. Currently, the source of the batch is not known.
The payment card records in the recently uploaded database have a lot in common with the previous one, but it is more likely that the recent one was stolen online. The kind of information uploaded reveals that they were obtained with JS-Sniffers, phishing or malware according to research. In the previous payment card records uploaded on the Joker’s Stash platform, the information contained in the credit card magnetic stripes was stolen and uploaded. The details were stolen by compromising the offline POS terminals. Hackers are always using different strategies and methods to hit banks and offer stolen payment card records for sale on the dark web.
In October 2019, over 1.3 million payment card records largely from Indian banks were uploaded on the Joker’s Stash platform for sale. According to the report, the underground market value for the cards was 130 million as each record was being sold for $100. The uploaded database contained debit and credit cards Track 2. It is said that Track 2 credit cards can be cloned for further use. The database name revealed that the database contained both Track 1 and Track 2 cards. It similarly contained 98% of credit cards belonging to Indian banks and 1% belonging to Colombian banks according to Group-IB.
Many hacker groups have come up with the intention not to encrypt files and exfiltrate information for ransom. Instead, they only target payment card records. In this case, e-commerce websites and other companies that host payment card records of customers are primary targets. Magecart hackers are mostly known for injecting websites with malware to steal payment card records. These stolen cards are mostly sold on the dark web. Hackers try to sell them as early as possible before the cards are canceled by their respective banks.
Image Source: www.technadu.com
Recently, the payment card records of fuel and convenient chain, Wawa Inc. was stolen in a 9 months-long data breach and uploaded on the Joker’s Stash platform. It was said that the Joker’s Stash platform had uploaded about 30 million stolen data which explains their specialization in the credit card sales on the anonymous market. About 850 stores spread across the country were affected by the data breach and payment cards issued by about 1000 banks across over 40 states in the US were uploaded for sale on the dark web.
It is advisable that individuals in possession of payment cards issued by a bank within the affected regions monitor their bank statements for suspicious activities or unauthorized transactions. If there is any suspicion, it is important to call the phone number at the back of the card or call the bank that issued the card to perform the necessary operation to protect your funds.
It has been said that using credit cards to make payment online is very risky, so individuals can get a different card for this purpose, or choose to use virtual cards different from what they usually use. Apple Pay has been said to be very good for this purpose as it generates different numbers for different transactions making it irrelevant for anyone to steal the card numbers.
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation to the reliance on or usage of any content, goods or services mentioned in this article.