A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums.
Carding is the trafficking and use of stolen credit cards. These credit cards are stolen through
point-of-sale malware,
magecart attacks on websites, and information stealing trojans. These stolen credit cards are then sold on criminal carding marketplaces where other threat actors purchase them to make online purchases, or more commonly, to buy hard-to-trace prepaid gift cards. Last week, a new criminal carding marketplace called AllWorld Cards posted to numerous hacking forums where they leaked one million credit cards for free. According to the forum post, these credit cards were stolen between 2018 and 2019.
The threat actor states that a random sampling of 98 cards showed approximately 27% of the cards were still active. However, a report by Italian security firm D3Labs shows that 50% are still valid, a far more significant amount than initially indicated . "At present, the feedback returned to our analysis team is still limited, but they are showing an incidence close to 50% of cards still operational, not yet identified as compromised." reported D3Lab in a
blog post about the leak. Cybersecurity firm Cyble
also analyzed the credit card dump and told BleepingComputer that the leak contains credit card numbers, expiration dates, CVVs, names, countries, states, cities, addresses, zip codes for each credit card, and email/phone numbers. While Cyble has only analyzed 400,000 cards so far, the top five associated banks are:
- STATE BANK OF INDIA (44,654 cards)
- JPMORGAN CHASE BANK N.A. (27,440 cards)
- BBVA BANCOMER S.A. (21,624 cards)
- THE TORONTO-DOMINION BANK (14,647 cards)
- POSTE ITALIANE S.P.A. (BANCO POSTA) (14,066 cards)
To check if you card was part of this breach, Cyble imported the data into their
AmIBreached service. If your information was found in this breach, it is strongly advised that you contact your credit card company to request a new credit card and number. You should also review your credit card statement thoroughly to check for historic fraudulent charges and future charges. The All World Cards site is a relative newcomer to the carding scene, and the promotion has been met with appreciation by many threat actors who have downloaded the dump. The carding site started in May 2021 and has an inventory of 2,634,615 credit cards. The country with the most cards is the United States, with 1,167,616 cards for sale.
Cards range in price between $0.30 and $14.40, with 73% of the cards costing between $3.00 and $5.00. All World Cards is a new marketplace for cybersecurity firms and threat intelligence companies to watch. They aim to be a big player, and with this one million free dump, they will likely attract many other threat actors to their marketplace.