Cyber Security News

Russia Seizes Four Major Dark Web Carding Estimated $263M in Crypto Sales

Recently, Four Major Illicit DarkWeb sites have been taken down by the Russian Ministry. 

  • Sky-Fraud
  • Trump’s Dumps
  • UAS Store
  • Ferum Shop

Millions of payment card details are stolen from retailers and payment companies every day and are sold in the Darkweb market for crypto assets. Cybercriminals use these cards to purchase items online which can then be sold to make cash. This method was popularly called “Carding”

The Fall of Stolen Credit Card Market

The Stolen Credit card market has been on the fall since many of the vendors were either ending their sites or taken down by the authorities. The market contributes to nearly $263 million collections overall. Last year, Joker’s Stash one of the largest Stolen credit card vendors shut down its operations followed by UniCC this year which was the second-largest vendor.

Ferum Shop and Trump’s Dumps, Two of the major Stolen Credit card vendors that were active were seized by the Russian Authorities. When Joker’s Stash left the market, UniCC became the market leader, and shortly after UniCC shut down Ferum Shop was the leader. Ferum shop was established in October 2013 and has earned over $256 million in Bitcoin through stolen card sales.

Trump’s Dump is a magnetic strip data vendor. Trump’s Dumps is infamous for using the image of President Donald Trump’s picture for branding. Altogether, Trump’s Dumps is estimated to have made around $4.1 million since 2017.

Sky-Fraud – Trump’s Dump and Ferum Shop

Sky-Fraud is one of the major carding forums used by cybercriminals for discussions on carding methods and other money laundering tips. Both the sites Trump’s Dump and Ferum Shop were popularly discussed on the Sky-Fraud forum. In addition to the seizure of carding vendors, Russian authorities have also taken down the Sky-Fraud forum with a note that translates to “Which one of you is next?

UAS Store – RDP Credentials Vendor

Since many of the workers were working from home during the pandemic, many companies issued the access for RDP (Remote Desktop Protocol) for employees to access their work systems remotely.  Hackers infiltrate poorly configured company networks and steal the RDP credentials of victims and posted them in the UAS Store.

Cybercriminals who wish to take down a corporate network or disrupt a company’s structure and operation can use this site to gain access to the system inside the corporate network.

UAS store has been active since 2017 and is estimated to have made around $3 million in cryptocurrency. As per the Elliptic report, nearly $862,000 was made during the pandemic. Authorities have shut down this website also.

Derailed Dark Web Market

The DarkWeb market seems to have stumbled upon the seizure of major vendors. Recent seizures came just after the retirement of UniCC and LuxSocks. UniCC is said to have gone offline just after the announcement and not as they promised. It has been confirmed that Russian authorities were behind UniCC retirement.

Latest seizures are expected to have covered 50% of the stolen credit card market and many of the major vendors are seemed to be planning for retirement as authorities might be knocking on their door anytime soon.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More

On a weekly basis, the cyber security newsletter is considered an essential update on information…

4 hours ago

8.5 Million Windows Systems Hit by CrowdStrike Faulty Update – Microsoft Says!

Microsoft has revealed that a faulty software update released by cybersecurity firm CrowdStrike on July…

24 hours ago

Hackers Exploits CrowdStrike Issues to Attack Windows System With RemCos Malware

On July 19, 2024, CrowdStrike identified an issue in a content update for the Falcon…

1 day ago

Alert! Hackers Exploiting CrowdStrike Issue in Cyber Attacks

Cybersecurity experts have uncovered a concerning development following the recent CrowdStrike Falcon sensor issue that…

2 days ago

10 Best Linux Firewalls In 2024

At present, many computers are connected via numerous networks. Monitoring all traffic and having something…

2 days ago

CrowdStrike Releases Fix for Updates Causing Windows to Enter BSOD Loop

CrowdStrike has issued a fix for a problematic update that caused numerous Windows systems to…

2 days ago