India has reportedly become the target of the third-biggest “card dump” this year. Almost 1.3 Mn debit and credit card details have been put up for sale on a website called Joker’s Stash on October 28, 2019. The database contains details from various issuing banks and 98% of the leaked data belongs to Indian customers.
Jokers Stash is a “card shop”, primarily used by criminal groups — including cybercrime groups FIN6 and FIN7— to buy and sell card details. The platform is advertised as a “card dump”.
The sale was brought to light by a Singapore-based cybersecurity company Group-IB that specialises in preventing cyber attacks. In its report, the company revealed that each card detail was being sold for $100, which brings the total value to at least $130 Mn.
The cybersecurity company clarified that the database includes Track 2 details that are usually collected by ATMs and point of sales (PoS) units. This helps rule out any possibility of a breach from digital transactions. Moreover, the data collection cannot be zeroed down to the compromise of any one bank’s ATM network, since the data comes from multiple issuing banks.
Group-IB also pointed out that more than 18% of the card details on the database belong to a single Indian bank.
Even though, there have been other such database sales in the past, this is one of the biggest single-file card databases ever uploaded on underground markets at once, Ilya Sachkov, CEO and founder of Group-IB, said.
The report also added, “What is interesting about this particular case is that the dаtabase that went on sale hadn’t been promoted prior either in the news, on card shop or even on forums on the darknet.”
In August 2019, payment card details of over 5.3Mn Hy-Vee —chain of more than 245 supermarkets located throughout the Midwestern United States— customers were listed for sale on the platform. This is termed as the biggest card dump of this year.
The second biggest was in February 2019, where payment card details of over 2.3 Mn Americans. the dump was nicknamed “DaVinci Breach”. In June and July 2019, details of 230K and 890K South Korean payment details were dumped on Joker’s Stash.[The development was first reported on ZDNet.]