A threat actor has released one million credit cards on hacking forums that were stolen between 2018 and 2019 to promote the carding market.
Carding is the trafficking and use of stolen credit cards. These credit cards are stolen through point-of-sale malware, magecart attacks on websites, and information stealing Trojans.
The stolen credit cards are then sold on criminal carding marketplaces where other threat actors purchase them to make online purchases, or to buy hard-to-trace prepaid gift cards.
The new criminal carding marketplace called AllWorld Cards posted last week to several hacking forums where they leaked one million credit cards for free.
The threat actor states that a random sampling of 98 cards showed approximately 27% of the cards were still active.
However, according to a report by Italian security firm D3Labs, 50% of the cards are still valid.
The cybersecurity firm Cyble also analyzed the credit card dump and said that the leak contains credit card numbers, expiration dates, CVVs, names, countries, states, cities, addresses, zip codes for each credit card, and email/phone numbers.
Cyble has analyzed 400,000 cards so far and the top five associated banks are:
- STATE BANK OF INDIA (44,654 cards)
- JPMORGAN CHASE BANK N.A. (27,440 cards)
- BBVA BANCOMER S.A. (21,624 cards)
- THE TORONTO-DOMINION BANK (14,647 cards)
- POSTE ITALIANE S.P.A. (BANCO POSTA) (14,066 cards)
To check if you card was part of this breach,
Cyble has imported the data into their AmIBreached service and the users can check if their cards were part of the breach.
Users are recommended to review their credit card statement thoroughly to check for historic fraudulent charges and future charges.
The All World Cards site is a relative newcomer to the carding scene which was started in May 2021 and has an inventory of 2,634,615 credit cards.
The country with the most cards is the United States, with 1,167,616 cards put up for sale. The cards range in price between $0.30 and $14.40, with 73% of the cards costing between $3.00 and $5.00.
The promotion was appreciated by many threat actors who have downloaded the dump. With this one million free dump, the site is likely to attract many other threat actors to their marketplace.