Dark Web Sale: Nearly Two Thousand Stolen Singaporean Bank’s Credit Card Details Discovered


A Singapore based cybersecurity firm, Group-IB has discovered one of the largest stolen credit card details for sale on the dark web found in a single database. According to the many reports circulating, the value for the discovered stolen credit card details are closed to $2 million and was obtained from various infected websites across the internet.

This has been a course for concern as victims would not only lose their money but would be at risk of identity theft. The dark web has been said to be a marketplace for many stolen credit card details offered for sale at cheaper rates.

This Group-IB was analyzing the various shops on the dark web that focuses on credit card sales. Through this, they discovered the database that contained 1726 compromised data offered for sale. They also discovered a spike in sales of 4166 compromised stolen credit card details including card numbers, expiry date and CVV. A further investigation led to the discovery that the cards were issued by various Singapore banks.

Image Source: www.sk.ru

According to other reports, the credit card details were likely obtained using a malware called JavaScript Sniffers considering the fact that the name of the database was 31.03-SG_MIX_SNIFF. Just like the usual traditional card skimmers, JavaScript Sniffers were likely injected into various websites including e-commerce websites by shoppers. The malware has the ability to change a few codes on the infected website. When this malware is successfully injected into a website, all sensitive information including names, passwords, credit card numbers, addresses, and other information are captured.

According to Group-IB, malware can take care of websites powered by different content management systems. This makes it difficult to detect and quite dangerous to tackle using a traditional signature-based detection method. The existence of this malware and many other dangerous ones make it more important for websites to make cybersecurity a top priority.

As claimed by the Group-IB, this case looks more serious than it looks. Based on their assessment on stolen credit card details on the dark web between January 2019 to August 2019, most databases uncovered contained just a few hundreds stolen credit cards on the average. Comparing this to the most recent discovery of close to 2000 stolen credit card details in a single database reveals how serious the case is. This signifies that the credit card business is on the rise on the dark web, explaining why the cyber-attacks recorded in the first half of the year is on the rise.

Though the researchers refused to reveal the names of the attacked websites, it is believed that most of the infected websites are Singapore based and also, oversea websites. The JavaScript Sniffer used in this operation has been said to have the ability to inject fake web forms. The malware is capable of producing a fake PayPal and Stripes form to look like a real one. This method has been used to steal customers payment information from various online stores. It was reported that Sniffers have injected about 2440 websites across the world according to the report.

Stolen credit card

Image Source: www.dhakadistributions.com

The founder and CEO of Group-IB Ilya Sachkov issued advice to the administrators of e-commerce websites to ensure that their software is updated. This is a basic approach to reduce the high records of stolen credit card details offered for sale on the dark web.

She also explained the need for an administrator to make regular cybersecurity assessment on their websites a priority. She further advised them not to hesitate to seek assistance from specialists. On half of the customers, it has strongly been advised to use a separate debit card to pay for their shopping online.

Cybercrime has been said to be on the rise in 2019 with many private companies and governments institutions being the major targets. Cybercriminals usually do not target a particular company, but take advantage of the weak security or loopholes in their security to infect them with dangerous malware.

According to Sachkov, the statistics for the number of affected websites could have been higher if cybersecurity authorities were not consulted in detecting websites infected with JavaScript Sniffer.

According to a recent report, cybercrime has contributed 10% of all laundered money. Also, a total of 1.9 billion data were exposed in the first quarter of 2019. In addition, it was predicted that the ransomware attack would hit a business in every 14 seconds in 2019 explaining how severe the incident has been.

The average cost of a data breach in 2018 was said to be $3.86 million, and looking at the rate of incidents in 2019, the average cost is expected to be more by the end of the year.

Source: Computer Weekly

Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.

Tags: #deep_web_links #Tor_.onion_urls_directories #Deep_Web_Sites_Links #Dark_Web_Links_Hidden_Wiki #Dark_web_directories


Please enter your comment!
Please enter your name here