Heimdal
article featured image

Contents:

A new criminal carding marketplace promoted itself by leaking data for one million credit cards that have been stolen between 2018 and 2019.

Carding can be defined as the trafficking and use of stolen credit cards. Credit cards usually get stolen through point-of-sale malware, magecart attacks on websites, and by using information-stealing trojans.

The credit cards are sold on criminal carding marketplaces where they can be bought by other threat actors that buy them in order to make online purchases or to buy hard-to-trace prepaid gift cards.

What Happened?

A new criminal carding marketplace has been apparently launched.

It is conceivable that the data come from the Allworld [.] Cards database, a website dedicated to carding, that is to say the type of criminals who revolve around fraud with credit cards, prepaid cards, etc. The cards marketed on carding sites they usually have different origins: skimmers at petrol stations or in supermarket pos, cards from phishing, from database of compromised sites, etc.

The curators of All World Cards began advertising their services on carding sites in early June, as seen in the screenshots below, and it is conceivable that the data was shared for free to entice other criminal actors to frequent their site. web by purchasing additional stolen data from unsuspecting victims.

Source

It seems that AllWorld Cards is the name of the carding marketplace. The malicious actor posted to numerous hacking forums where they leaked one million credit cards for free.

forum-post-AllWorld Cards

Source

It’s concerning that by looking at a random sampling containing 98 cards it seems that approximately 27% of them were still active.

Things are about to get even more concerning as a report released by the Italian security firm D3Labs shown that 50% of the cards are still valid.

At present, the feedback returned to our analysis team is still limited, but they are showing an incidence close to 50% of cards still operational, not yet identified as compromised.

Source

D3Lab was not the only cybersecurity company that took a special interest in this leak as the cybersecurity company Cyble also analyzed the credit card dump.

As reported by the journalists at BleepingComputer the leak contains credit card numbers, expiration dates, CVVs, names, countries, states, cities, addresses, zip codes for each credit card, and email/phone numbers.

In order to make it easier for the users to check if their cards were part of the breach, Cyble imported the data into their AmIBreached service.

The All World Cards site was launched in May and has an inventory of 2,634,615 credit cards, with the United States being the country with the largest number of credit cards for sale, 1,167,616.

The All World Cards could be considered a newcomer to the carding scene, but the promotion was appreciated by the threat actors who have downloaded the dump.

The cards can be bought for prices ranging between $0.30 and $14.40.

Author Profile

Dora Tudor

Cyber Security Enthusiast

linkedin icon

Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE