One Million Credit Cards Leaked To Promote Carding Market

Share post:

Cybercriminals are fuelling a new criminal carding marketplace by posting one million credit cards stolen between 2018 and 2019 on hacking forums.

Carding refers to the trade and use of stolen credit cards by point-of-sale malware, magecart attacks on websites and the theft of information by trojans.

These stolen credit cards are then sold on criminal carding marketplaces where other actors buy them to make online purchases or, more often, to buy hard-to-trace prepaid gift cards.

A week ago, a new criminal carding marketplace called AllWorld Cards posted to various hacker forums, where one million credit cards were leaked for free.

A threat said that a random sample of 98 cards showed that about 27% of the cards were still in use. However, a report by the Italian security firm D3Labs found that 50% are still valid, a far more significant percentage than originally stated.

While cybersecurity firm Cyble has analyzed only 400,000 cards so far, the top five associated banks are:

  • STATE BANK OF INDIA (44,654 cards)
  • JPMORGAN CHASE BANK N.A. (27,440 cards)
  • BBVA BANCOMER S.A. (21,624 cards)
  • THE TORONTO-DOMINION BANK (14,647 cards)
  • POSTE ITALIANE S.P.A. (BANCO POSTA) (14,066 cards)

Cyble imported the data into its AmIBreached service to check if its own credit card details had been stolen.

The AllWorld Cards site is still fresh in the carding scene, and the promotion has been met with appreciation by many threat actors who downloaded the stolen card data.

It began in May 2021 and has a stock of 2,634,615 credit cards. The nation with the most cards is the U.S., with 1,167,616 cards for purchase.

Cards cost between $0.30 and $14.40, with 73% of the cards costing between $3.00 and $5.00.

For more information, read the original story in BleepingComputer.

Featured Tech Jobs


Related articles

The US government and Its Microsoft dependency: A cybersecurity dilemma

Microsoft's series of high-profile cybersecurity failures has once again spotlighted the complex relationship between the tech giant and...

Cyber Security Today, Week in Review for week ending Friday, April 12, 2024

This episode features a discussion on Microsoft's cybersecurity troubles, worries about open source, a warning about abusing IT help desks to launch attack

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways