Researchers from Group-IB have recently revealed that a network black market called Joker’s Stash is selling 1.3 million payment cards, 98% of which comes from India and 1% from Colombia. Joker’s Stash is a network black market specializing in payment card data transactions with more than 500 domains and 54 servers.
“Databases are usually uploaded in several smaller parts at different times,” says Ilya Sachkov, CEO and founder of Group-IB, which was originally headquartered in Moscow. While that is unusual, so too is the sheer scale of what’s being offered all at once.
“This is indeed the biggest card database encapsulated in a single file ever uploaded on underground markets at once,” he says. “What is also interesting about this particular case is that the database that went on sale hadn’t been promoted prior either in the news, on card shop or even on forums on the dark net. The cards from this region are very rare on underground markets. In the past 12 months, it is the only one big sale of card dumps related to Indian banks.”
Experts suspect that the data comes from hijacked point-of-sale systems or ATMs. The data sold includes the cardholder’s name, card number, expiration date, CVV number, and other relevant information. Criminals can use this data to create clone cards with success rates as high as 90% to 95%. Because Joker’s Stash sets the price of each piece of data at $100, this batch of data can generate up to $130 million in illegal income.