The Russian Interior Ministry has taken down four major DarkWeb sites. The DarkWeb sites specialize in selling stolen payment card details from retailers and payment companies. Cybercriminals use these stolen cards to buy wares online and sell them for cash. This modus operandi is known as ‘Carding.’
Stolen Credit Card Market –A dying market
An increasing crackdown by authorities has forced many of the stolen credit card market vendors to end their sites. Rough estimates put the value of the market to nearly $263 million collections overall. One of the most significant stolen credit card vendors, Joker’s Stash, shut down its operations. It was followed by the UniCC this year, the second-largest vendor of stolen cards.
The Russian Interior Ministry seized Forum Shop and Trump’s Dumps, two major Stolen Credit card vendors. After Joker’s Stash ceased operation, UniCC became the market leader. After its exit, Forum shop, established in 2013, became the market leader. It raked in $256 million in Bitcoin through stolen card sales.
Trump’s Dump is a magnetic strip data vendor famous for using former US President Donald Trump’s picture for branding. It is estimated to have made a profit of $4.1 million since 2017.
Another major fish in the dubious market is Sky-Fraud. It is a significant carding forum and is visited by cybercriminals for discussing carding methods and other money laundering tips. Both Trump’s Dump and Forum Shop figured in most discussions on the forum.
Another dark player in stolen wares is UAS Store, RDP Credentials Vendor. The COVID-19 pandemic saw many workers working remotely from their homes. Their employers provided access to RDP (Remote Desktop Protocol). Hackers infiltrated poorly configured company networks, stole victims’ RDP credentials, and posted them in the UAS Store.