Hackers sold 19,928 Singaporean compromised payment cards on the dark web

Hackers have sold hundreds of credentials from government sites and educational institutions in Singapore, as well as detailed information on more than 19,000 stolen bank cards from banks in Singapore. Group-IB, a Russian cybersecurity company, revealed on March 19 that in the past two years, the company has found hundreds of credentials from government sites in Singapore on the darknet. Last year, the company discovered stolen bank card information worth nearly $640,000.

According to a press release issued by Group-IB, organizations that have stolen information include Government Technology Agency, Ministry of Education, Ministry of Health, Singapore Police Force website, National University of Singapore.

Dmitry Volkov, Group-IB CTO and Head of Threat Intelligence wrote,

“Users’ accounts from government resources are either sold on underground forums or used in targeted attacks on government agencies for the purpose of espionage or sabotage. Even one compromised account, unless detected at the right time, can lead to the disruption of internal operations or leak of government secrets. Cybercriminals steal user accounts’ data using special spyware aimed at obtaining users’ authentication data. According to Group-IB data, PONY FORMGRABBER, QBot and AZORult became the TOP 3 most popular Trojan-stealers among cybercriminals.”

Group-IB also said that Singapore is receiving more and more attention from hackers. According to company data, the number of bank cards leaked in 2018 has increased by 56% compared to 2017.