One Million Stolen Credit Cards Hit The Dark Web

Uploaded on 2021-08-13 in GOVERNMENT-Law Enforcement, FREE TO VIEW

A Russian cyber criminal group called AllWorld.Cards has released 1 million stolen credit cards on the Dark Web and now hundreds of thousands of active credit card payment credentials are freely available to criminals. 

The incident is aimed at promoting AllWorld.Cards, a new cyber criminals’ Dark Website for selling payment credentials online  to test the resources for free before eventually paying for the new service. Researchers at threat intelligence firm first  Cyble noticed the leak during routine monitoring of Dark Web marketplace.

Cyble released a post detailing their findings. The cards were all stolen between 2018 and 2019, according to the advertisements.  The leaked cards include information such as credit card numbers, expiration dates, CVV, name, country, state, city, address, ZIP code, emails, and phone numbers. 

This leaves the victims susceptible not only to financial theft, but to identity fraud, phishing, and social engineering. 

AllWorld.Cards appears to be a relatively new player to the market for selling stolen credit-card data on the Dark Web, according to Cyble. “Our analysis suggests that this market has been around since May 2021 and is available on a Tor channel as well,” according to the post.

The black market for stolen credit cards is a massive illegal business, with cyber criminals getting their hands on card data in a number of ways. 

In the last six months of 2020 alone, threat actors offered more than 45 million compromised cards for sale in underground credit-card markets monitored by security firm Cybersixgill. These cards are then used by cyber criminals to make online purchases, including buying gift cards, that are hard to track back to them. There is some uncertainty about how many of the cards are actually still active and available for cyber criminals to use. Cyble researchers noted that threat actors claimed that 27 percent, according to a random sampling of 98 cards, are still active and can be used for illegal purchasing.

To protect yourself you need to contact one or other credit reporting firm to initiate a fraud alert, which in turn is legally obligated to share your notice with others - it is free.

CyberSixGill:      CNBC:     Oodaloop:    Threatpost:      BlackLake Security

You Might Also Read: 

2021 - Inside The Dark Web:

 

« Cyber Crime In 2025
Suspected Russian Spy Arrested »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

Infowhiz solutions

Infowhiz solutions

Infowhiz provides solutions for backup/disaster recovery and network security.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

SoloKeys

SoloKeys

SoloKeys provides the first open-source FIDO2 security key: Protect your online accounts against unauthorized access by using the most secure login method.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

HashDit

HashDit

HashDit products and services focus on helping build a safe ecosystem for both protocol users and smart contract developers on BNB Chain.

NetApp

NetApp

The NetApp portfolio includes intelligent cloud services, data services, and storage infrastructure that helps organizations manage applications and data everywhere across hybrid cloud environments.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

Forward Global

Forward Global

Forward Global designs and delivers services and technologies to manage digital, economic, and information risks.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.