Fall of Stolen Credit Card Market

Recently, Four Major Illicit DarkWeb sites have been taken down by the Russian Ministry. 

  • Sky-Fraud
  • Trump’s Dumps
  • UAS Store
  • Ferum Shop

Millions of payment card details are stolen from retailers and payment companies every day and are sold in the Darkweb market for crypto assets. Cybercriminals use these cards to purchase items online which can then be sold to make cash. This method was popularly called “Carding”

The Fall of Stolen Credit Card Market

The Stolen Credit card market has been on the fall since many of the vendors were either ending their sites or taken down by the authorities. The market contributes to nearly $263 million collections overall. Last year, Joker’s Stash one of the largest Stolen credit card vendors shut down its operations followed by UniCC this year which was the second-largest vendor.

Ferum Shop and Trump’s Dumps, Two of the major Stolen Credit card vendors that were active were seized by the Russian Authorities. When Joker’s Stash left the market, UniCC became the market leader, and shortly after UniCC shut down Ferum Shop was the leader. Ferum shop was established in October 2013 and has earned over $256 million in Bitcoin through stolen card sales.

EHA

Trump’s Dump is a magnetic strip data vendor. Trump’s Dumps is infamous for using the image of President Donald Trump’s picture for branding. Altogether, Trump’s Dumps is estimated to have made around $4.1 million since 2017.

Sky-Fraud – Trump’s Dump and Ferum Shop

Sky-Fraud is one of the major carding forums used by cybercriminals for discussions on carding methods and other money laundering tips. Both the sites Trump’s Dump and Ferum Shop were popularly discussed on the Sky-Fraud forum. In addition to the seizure of carding vendors, Russian authorities have also taken down the Sky-Fraud forum with a note that translates to “Which one of you is next?

UAS Store – RDP Credentials Vendor

Since many of the workers were working from home during the pandemic, many companies issued the access for RDP (Remote Desktop Protocol) for employees to access their work systems remotely.  Hackers infiltrate poorly configured company networks and steal the RDP credentials of victims and posted them in the UAS Store.

Cybercriminals who wish to take down a corporate network or disrupt a company’s structure and operation can use this site to gain access to the system inside the corporate network.

UAS store has been active since 2017 and is estimated to have made around $3 million in cryptocurrency. As per the Elliptic report, nearly $862,000 was made during the pandemic. Authorities have shut down this website also.

Derailed Dark Web Market

The DarkWeb market seems to have stumbled upon the seizure of major vendors. Recent seizures came just after the retirement of UniCC and LuxSocks. UniCC is said to have gone offline just after the announcement and not as they promised. It has been confirmed that Russian authorities were behind UniCC retirement.

Latest seizures are expected to have covered 50% of the stolen credit card market and many of the major vendors are seemed to be planning for retirement as authorities might be knocking on their door anytime soon.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.