Group-IB, a Singapore based cybersecurity company that specialises in preventing cyber attacks discovered details of 460,000+ Turkish payment cards being sold online on Joker’s Stash, the internet’s largest underground card shop. Payment card included both credit and debit cards and are originated from a broad spectrum of Turkish banks.
“Cards from Turkey are very rare on card shops,” said Group-IB. “In the past 12 months, this is the only big sale of payment cards related to Turkish banks.”
The cards included both debit and credit cards, and the cards originated from a broad spectrum of Turkish banks.
How many cards on sale and what was its black market price?
The seller advertised a total of four databases sold separately in two rounds, on October 28 and November 27.
The first two database TURKEY-MIX-01 and TURKEY-MIX-02 were discovered by Joker’s Stash. The database contained data for 30,000 cards each and asked $3 for each card.
At the end of November, another two databases named TURKEY-MIX-03 and TURKEY -MIX-04 were offered with much higher cards – around 190,000 in one and about 205,000 in the other. The value for each card was lowered to $1.
The names of the caches indicate that the data is from cards issued in Turkey. The announcement said that 85% to 90% of the cards were valid.
What is the Information stolen?
“All the compromised credit and debit cards records in this database were identified as raw cards data also known as ‘CCs’ or ‘fullz’ and contained the following information: expiration date, CVV/CVC, cardholder name as well as some additional info such as email, name and phone number,” said Dmitry Shostakovich, Head of Group-IB’S cybercrime research unit.
The cards magnetic strip does not contain email, names, phone numbers so the data was collected through online attack.
“A breakdown of the data indicated that all the cards could have likely been compromised online either due to phishing, malware or increased activity of Java-Script sniffers,” commented Dmitry Shestakov.
How to protect your cards from online attacks?
Group-IB experts recommends users to,
- Have a separate prepaid card for online payments
- Set spending limits on cards used for online shopping
The admins of eCommerce websites, need to keep their software updated, and carry out regular cyber security assessments of their websites.
You may be interested in reading: ASP.NET Hit by Ransomware