Ad Home

Hackers of Dark web selling 400,000 South Korean & US payment card data !

Hackers of Dark web selling 400,000 South Korean & US payment card data !

While taking a break from coronavirus related scams, cybercriminals are caught selling 400,000 payment detail (credit and debit card) records. These records were identified by Group IB – a cybersecurity company.

According to the company, the database is being sold on Joker’s Stash marketplace which happens to be one of the largest marketplaces for Carding on the internet.

Records Gathered from the Dumb :
American card dumps have traditionally been most commonly traded in the dark web, but the South Korean payment card details are a very rare commodity in the underground.

The total number of records exposed is 397,365. 
Roughly 49.9% (198,233 items valued at USD 991,165) were from South Korea’s banks and financial organizations.
49,3% were related to US banks and financial organizations.
Database of the credit and debit card details mainly contains Track 2 information including a magnetic stripe of a card, which includes the bank identification number (BIN), the account number, expiration date and may also include the card verification value (CVV)

Starting from 2019 we have reported several incidents about the leaked data in Dark web and card data’s became the second most popular target in the underground by the number of massive abnormal spikes in their sales, surpassed only by US-issued dumps – all-time “champion” on this market.

Also, a number of instances originating from APAC, such as the sale of the record-breaking database holding more than 1.3 million credit and debit card dumps of mainly Indian banks‘ customers in October 2019.

These card dumps do not necessarily get compromised in a card-issuing country, the data can be snatched when a card owner travels overseas to a country where advanced payment security measures, such as EMV, are not widely implemented, and uses an infected Point-of-Sale (POS) terminal. 

The Track 2 data (also referred to as card dumps) is used for card-present transactions and usually comes from infected POS terminal, from ATM skimmers or breached merchant’s payment system. However, in this case, the source of the stolen data remains unknown. 

“Even though there is not enough information in this dump to make online purchases, fraudsters who buy this data can still cash out stolen records,”

Researchers believe that this dumb of the data can be the biggest sale of South Korean records of credit and debit card details on the dark web in 2020, which contributes to the growing popularity of APAC-issued card dumps in the underground.

There is no clear evidence of the origin of this data. Researchers from Group-IB has informed proper authorities in South Korea and the US and closely work with them.

As Covid-19 spreading all over the world, so please stay safe, take care of everyone and watch our blogs at to know more about online cyber activities and to get protected from cyber attacks.
Thanks For Your Time !

No comments