Millions of Credit Card Numbers Found on the Dark Web for Free

 Many data breaches have occurred over the past few years, and as a result, there is a treasure trove of stolen personal information out there belonging to innocent victims. Now, millions of stolen credit card numbers have appeared on the dark web for free.

What Happened?

In an effort to build traffic on the dark web to AllWorld.Cards, hackers have posted millions of credit card numbers purportedly for free to anyone who wants to download them.

Threatpost reported this week that “Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials.”

Threat researchers at Cyble first discovered the cache of stolen cards. This past weekend, they published a notice on their blog stating that they discovered the cards during “routine monitoring of cybercrime and Dark Web marketplaces.” These particular cards were stolen sometime during 2018 and 2019 and published on a new and upcoming cybercriminal marketplace called AllWorld.Cards.

According to the hackers offering the cards, the database of information contained credit card numbers, expiration dates, CVV, owner’s name, address, city, state, country, and zip code. They also include the user’s email address and phone number.

In its post, Cyble states that “Our analysis suggests that this market has been around since May 2021 and is available on a Tor channel as well.”

The actual message was pulled from the AllWord.Cards site is as follows:

We publish 1,000,000 bank cards to the public.
Walid is about 20%. All material from 2018-2019.
Fields: CCNumber Exp CVV Name Country State City Address Zip EmailPhone.
Promotion of unprecedented generosity from the store AllWords.Cards.

The list of cards comes from many different countries. The threat actors claim that at least 27% are still active, but it is unclear if that is true. It would seem that most victims would have canceled the cards by now and replaced them.

According to Threatpost, “However, according to D3 Lab’s own analysis—which involved sending the credit-card numbers to client banks “to carry out the appropriate mitigation actions” — researchers found that closer to 50 percent of the cards are “still operational, not yet identified as compromised,” they said.”

They also included a breakdown of countries where the cards were stolen:

“Cyble posted a list of the top 500 banks affected by the leak of stolen credit cards in descending order. Of the banks, 72,937 of the cards were associated with the State Bank of India; 38,010 with Banco Santander (Brazil); 30480 with a U.S. bank based in Ohio called Sutton Bank; 27,441 with JP Morgan Chase Bank N.A.; and 24,307 with BBVA Bancomer S.A., a bank based in Mexico.”

Some of the Ways Credit Card Numbers are Stolen

Organized crime has got deep pockets when it comes to stolen information. Some of the ways these hacker gangs snag credit cards are through.

• Man-in-the-middle attacks.
• Card skimmers at gas stations, ATMs, and POS terminals. 
• Malware on website shopping carts.
• Magecart attacks.
• Infostealing malware on the user’s machine.

Tips For Credit Card Holders to Stay Safe

Some tips from Cyble on protecting cardholders include:

• “Never share your personal information, including financial information, over the phone, email, or SMS messages.     
• Use tough-to-guess passwords besides implementing multi-factor authentication.     
• Make it a habit to keep a watch on your financial transactions, and if you notice any suspicious activity, contact your bank immediately.     
• Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic. 
• Never open untrusted links and email attachments without verifying their authenticity.”