Category Archives: Joker’s stash

Operator of bitcoin ‘mixers’ that served dark web markets faces $60 million FinCEN penalty

Posted on by

The operator of two “mixer” or “tumbler” services that exchanged cryptocurrency for users on “the darkest spaces of the internet” is facing $60 million in civil penalties from the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). The decision against Larry Dean Harmon, who operated the services known as Helix from 2014-17 and Coin Ninja from 2017-20, is the first of its kind from FinCEN against a bitcoin mixer. The agency said he failed to register both as money services businesses and violated federal obligations “to develop, implement, and maintain an anti-money laundering compliance program; and to meet all applicable reporting and recordkeeping requirements.” More specifically, Harmon failed to file suspicious activity reports for transactions within dark web markets, as required by the Bank Secrecy Act. “Mr. Harmon operated Helix as a bitcoin mixer, or tumbler, and advertised its services in the darkest spaces of the internet as a way for […]

The post Operator of bitcoin ‘mixers’ that served dark web markets faces $60 million FinCEN penalty appeared first on CyberScoop.

Continue reading Operator of bitcoin ‘mixers’ that served dark web markets faces $60 million FinCEN penalty

Dickey’s BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker’s Stash

Posted on by

After cybercriminals smoked out 3 million compromised payment cards on the Joker’s Stash marketplace, researchers linked the data to a breach at the popular barbecue franchise. Continue reading Dickey’s BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker’s Stash

Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue

Posted on by

Joker’s Stash, one of the most notorious web forums for stolen credit card data, has claimed a new scalp. Sellers on the site this week claimed to be offering 3 million payment card numbers used at Dickey’s Barbecue Pit, a U.S. fast-food chain, researchers at intelligence firm Gemini Advisory said Thursday. More than 100 of the barbecue joint’s locations were affected by the breach, and the data is being sold for a median price of $17 per card, according to the research. The data from Dickey’s Barbecue Pit customers appears to have been compromised between July 2019 and August 2020, according to Gemini Advisory. Numerous restaurant and hospitality chains have been hit by scammers in recent years because of the personal financial data they collect. “Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all […]

The post Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue appeared first on CyberScoop.

Continue reading Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue

Wawa Breach May Have Affected More Than 30 Million Customers

Posted on by

Hefty collection of U.S. and international payment cards from the incident revealed in December found up for sale on dark-web marketplace Joker’s Stash. Continue reading Wawa Breach May Have Affected More Than 30 Million Customers

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Posted on by

In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach. Continue reading Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Posted on by

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest bat… Continue reading Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft

Posted on by

A database containing roughly 1.3 million credit and debit card numbers belonging primarily to Indian bank customers was uploaded this week to Joker’s Stash, an online market specializing in stolen personal data, according to new findings by security researchers. Group-IB, in a statement e-mailed Tuesday to CyberScoop, said the database was uploaded Oct. 28, and is worth more than $130 million, the equivalent value of roughly one dollar per record. Ninety-eight percent of the files belong to Indian banks, while 1% originate with a Colombian entity. Group-IB did not name any of the banks affected, victims included in the database or speculate on who may have uploaded the information. This addition of credit card information came just days after researchers determined that Joker’s Stash is growing. Over its four-year lifespan, the illicit card shop has become a dumping ground for financial information stolen from organizations like Hy-Vee, Sonic Drive-In and others. Now, […]

The post Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft appeared first on CyberScoop.

Continue reading Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft

Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data

Posted on by

If it’s possible to describe a cybercriminal marketplace as “reputable” while maintaining a straight face, then Joker’s Stash fits the description as well as any other. The site has emerged in recent years as a destination for scammers who buy and sell credit card information stolen after data breaches from victims including the Hy-Vee supermarket chain, Sonic Drive-In and others. Now, the site has expanded to include an array of personal information on high-value targets, including members of the Trump administration, as part of an evolution toward making illicit transactions more user friendly, according to research published Thursday by threat intelligence firm Recorded Future. It’s also available without the use of Tor, the well-known anonymity software that unlocks websites not accessible with mainstream web browsers. Researchers who explored Joker’s Stash following reports that information stolen from Hy-Vee had been made available also found a new section dedicated entirely to Social Security […]

The post Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data appeared first on CyberScoop.

Continue reading Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Posted on by

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States. Continue reading Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards