Hacking the underground marketplaces is nothing new, and this time it has acquired its latest victim, SwarmShop. A massive database from the SwarnShop carding market on the clearnet containing more than 600,000stolen credit card details have been leaked on another forum.
The data leak contains the records of the whole SwarmShop community, adding to which all the data they used to sell had been traded on the forum. However, details regarding the data breach remain unknown. The data leak had exposed 12,344 records with nicknames, contact details, hashed passwords, SwarmShop administrators’ activity, buyers and sellers details.
The researchers at the cybersecurity company named Group-IB have discovered that the data leak had taken place back on the 17th of March. It was just a day before the Carding Mafia had suffered a data breach that had exposed his email addresses of nearly 300,000 members.
As per Group-IB, the SwarmShop dump consisted of details from whopping 623,036 payment cards that the banks had issued in Canada, U.S., U.K., Singapore, France, China, Saudi Arabia, Brazil and Mexico. The researchers had also discovered 498 sets of online banking account credentials. Apart from this, they had discovered 69,592 sets of the U.S. Social Security Numbers (SSNs) and the Canadian Social Insurance Numbers.
The SwarmShop breach hackers did not disclose any information regarding the hack but had just dropped a message containing a link to the database.
In the initial phase, the victimized card shop’s administration had argued that the stolen data was from the previous data breach that had occurred in January 2020. This was when a hacker attempted to sell the users’ database from the forum. However, the members had been asked to change their respective passwords.
Group-IB had analyzed the latest data dump and had determined that the leaked data dump was fresh and displayed the most recent user activity timestamps.
“In total, the database revealed the records of 4 cardshop admins, 90 sellers, and 12,250 buyers of stolen data, including their nicknames, hashed passwords, account balance, and contact details for some entries” – Group-IB.
SwarmShop is a relatively new carding forum that has operated since April 2019. Statistics reveal that by March 2021, it had successfully attracted over 12,000 users, and its database covered over 600,000 payment cards on sale. March 2021 marked the worst month for the underground forums, and the SwarmShop hack had been the third one in a month.
Dmitry Volkov, Group-IB CTO, says, “card shop breaches are uncommon. With Swarmshop, the assumption is that it was the target of a revenge hack that caused all sellers to lose their goods and personal data”.
Source: Group IB
Disclaimer: Read the complete disclaimer here.