1.3 mn Indian payment cards details up for sale on Dark Web
New Delhi: Nearly 1.3 million debit and credit card data of Indian banking customers that can fetch up to $130 million for cybercriminals are available on Dark Web for open sale.
According to ZDNet, the cards’ details is available on Joker’s Stash — one of the oldest card shops on the dark web which is known to be the place where major hackers sell card dumps.
The researchers from cyber security form Group-IBA found the Indian card holders’ listing. Joker’s Stash is advertising it under the “INDIA-MIX-NEW-01” heading.
The debit and credit cards belong to multiple Indian banks and are being sold for $100 each, in what security researchers have dubbed one of the biggest card dumps in recent years.
“Early data analysis suggests the card details may have been obtained via skimming devices, installed either on ATMs or point of sale (PoS) systems,” said the report.
The card dump includes “Track 2 data, usually found on a payment card’s magnetic stripe. The presence of this kind of data automatically rules out skimmers installed on websites (Magecart attacks), where Track 1 and Track 2 is never used.”
Criminals who buy card dumps from Joker’s Stash typically use the data to clone legitimate cards and withdraw money from ATMs in so-called “cash outs.”
In February, card details for 2.15 million Americans were put up for sale on Joker’s Stash.
In August, nearly 5.3 million card details obtained from gas and convenience chain Hy-Vee customers were also dumped on Joker’s Stash.
Over the past five years, Joker’s Stash has become one of the premier underground credit card shops through significant releases of stolen credit cards from data breaches at companies like Target, Walmart, Saks Fifth Avenue, Lord & Taylor, and British Airways.
On August 22, the dark web store released the first batch of stolen credit card data (dumps) from an alleged point-of-sale (POS) breach at the gas and convenience chain Hy-Vee. It is estimated that Joker’s Stash lists 5.3 million credit card numbers related to this breach.