Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft

A database containing roughly 1.3 million credit and debit card numbers belonging primarily to Indian bank customers was uploaded this week to Joker’s Stash, an online market specializing in stolen personal data, according to new findings by security researchers. Group-IB, in a statement e-mailed Tuesday to CyberScoop, said the database was uploaded Oct. 28, and is worth more than $130 million, the equivalent value of roughly one dollar per record. Ninety-eight percent of the files belong to Indian banks, while 1% originate with a Colombian entity. Group-IB did not name any of the banks affected, victims included in the database or speculate on who may have uploaded the information. This addition of credit card information came just days after researchers determined that Joker’s Stash is growing. Over its four-year lifespan, the illicit card shop has become a dumping ground for financial information stolen from organizations like Hy-Vee, Sonic Drive-In and others. Now, […]

The post Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft appeared first on CyberScoop.

Continue reading Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft

Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data

If it’s possible to describe a cybercriminal marketplace as “reputable” while maintaining a straight face, then Joker’s Stash fits the description as well as any other. The site has emerged in recent years as a destination for scammers who buy and sell credit card information stolen after data breaches from victims including the Hy-Vee supermarket chain, Sonic Drive-In and others. Now, the site has expanded to include an array of personal information on high-value targets, including members of the Trump administration, as part of an evolution toward making illicit transactions more user friendly, according to research published Thursday by threat intelligence firm Recorded Future. It’s also available without the use of Tor, the well-known anonymity software that unlocks websites not accessible with mainstream web browsers. Researchers who explored Joker’s Stash following reports that information stolen from Hy-Vee had been made available also found a new section dedicated entirely to Social Security […]

The post Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data appeared first on CyberScoop.

Continue reading Joker’s Stash, once a forum for credit data, grows as breaches yield more stolen data

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States. Continue reading Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Hacking forums survive cybercrime dragnet as feds prioritize drug-market busts

It might be more difficult these days to conduct an anonymous drug deal on the dark web, but not every online criminal enterprise is feeling the pinch of international law enforcement. New research shows that as the FBI and other crime-fighting agencies have gone after dark web markets, cybercrime communities have avoided the heat. Stolen financial information, access to hacked social media accounts and malicious software tools are still widely available on forums accessible on the open web, without using the Tor anonymity software. Among those still operating are the prominent Russian-language marketplace Exploit.in, the “carding” forum Joker’s Stash and Hackforums, which offers guidance on how to become a hacker. Exploit, in particular, has gained nearly 1,000 new accounts over the past six weeks, with current membership at 44,433 user accounts as of May 13, according to research conducted by Digital Shadows exclusively for CyberScoop. The site is “fully gated,” meaning outsiders must pay $100 for […]

The post Hacking forums survive cybercrime dragnet as feds prioritize drug-market busts appeared first on CyberScoop.

Continue reading Hacking forums survive cybercrime dragnet as feds prioritize drug-market busts

A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Toda… Continue reading A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

Latest Pakistan bank-card fraud looks like an actual breach, researchers say

A spike in payment-card fraud in Pakistan over the past six months now appears to involve a possible breach of at least one bank’s internal systems, according to researchers with New York-based threat intelligence company Gemini Advisory. Previous reports — including research by Moscow-based cybersecurity company Group-IB — had noted two major dumps of Pakistani payment-card data on the dark web market Joker’s Stash in October and November, as well as further sales in January of this year. Gemini Advisory says it now appears that the card-information dumps point to a more aggressive level of hacking beyond point-of-sale attacks. “While fraudsters generally acquire card and PIN data with card skimmers and cameras or overlays, the January 24 and January 30, 2019 breach included such data in large quantities pertaining to a single bank – Meezan Bank Ltd.,” Gemini Advisory says. “Gemini analysts therefore assess with moderate confidence that the compromised records posted […]

The post Latest Pakistan bank-card fraud looks like an actual breach, researchers say appeared first on CyberScoop.

Continue reading Latest Pakistan bank-card fraud looks like an actual breach, researchers say

Fin7 and the Perfect Phish

For the past twenty years, one of the main pieces of advice our industry gave to people regarding their email was “don’t open attachments from people you don’t know.”  But what if your JOB is opening attachments from people you don’t know?
On Augu… Continue reading Fin7 and the Perfect Phish

ThreatList: Biggest Cybercrime Developments in 2018, So Far

A look at the underground cybercrime landscape in 2018 shows a dynamic and quick-reacting community in the face of a successful crackdowns by law enforcement. Continue reading ThreatList: Biggest Cybercrime Developments in 2018, So Far

4 Years After Target, the Little Guy is the Target

Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion to see how organized cyber thieves h… Continue reading 4 Years After Target, the Little Guy is the Target