One Million Stolen Credit Cards Hit The Dark Web

A Russian cyber criminal group called AllWorld.Cards has released 1 million stolen credit cards on the Dark Web and now hundreds of thousands of active credit card payment credentials are freely available to criminals. 

The incident is aimed at promoting AllWorld.Cards, a new cyber criminals’ Dark Website for selling payment credentials online  to test the resources for free before eventually paying for the new service. Researchers at threat intelligence firm first  Cyble noticed the leak during routine monitoring of Dark Web marketplace.

Cyble released a post detailing their findings. The cards were all stolen between 2018 and 2019, according to the advertisements.  The leaked cards include information such as credit card numbers, expiration dates, CVV, name, country, state, city, address, ZIP code, emails, and phone numbers. 

This leaves the victims susceptible not only to financial theft, but to identity fraud, phishing, and social engineering. 

AllWorld.Cards appears to be a relatively new player to the market for selling stolen credit-card data on the Dark Web, according to Cyble. “Our analysis suggests that this market has been around since May 2021 and is available on a Tor channel as well,” according to the post.

The black market for stolen credit cards is a massive illegal business, with cyber criminals getting their hands on card data in a number of ways. 

In the last six months of 2020 alone, threat actors offered more than 45 million compromised cards for sale in underground credit-card markets monitored by security firm Cybersixgill. These cards are then used by cyber criminals to make online purchases, including buying gift cards, that are hard to track back to them. There is some uncertainty about how many of the cards are actually still active and available for cyber criminals to use. Cyble researchers noted that threat actors claimed that 27 percent, according to a random sampling of 98 cards, are still active and can be used for illegal purchasing.

To protect yourself you need to contact one or other credit reporting firm to initiate a fraud alert, which in turn is legally obligated to share your notice with others - it is free.

CyberSixGill:      CNBC:     Oodaloop:    Threatpost:      BlackLake Security

You Might Also Read: 

2021 - Inside The Dark Web:

 

« Cyber Crime In 2025
Suspected Russian Spy Arrested »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

SecDev

SecDev

We create technical solutions for collecting and analyzing cyber intelligence. Our approach is always at the wider network level to garner the best possible understanding of cyberspace.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Novetta

Novetta

Novetta pioneers disruptive technologies in data analytics, full-spectrum cyber, media analytics, and multi-INT fusion.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

DarkLight

DarkLight

DarkLight is a cybersecurity platform that mimics human thinking at scale to build resiliency to Advanced Persistent Threats.

PeopleSec

PeopleSec

PeopleSec specializes in the human element of cybersecurity with a comprehensive set of services designed to maximize your security by educating your workforce as a whole.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

Templar Shield

Templar Shield

Templar Shield is a premier information security, risk and compliance technology professional services firm serving North America.

Sontiq

Sontiq

Sontiq is committed to providing best-in-class, highly scalable, award-winning identity security solutions to consumers, businesses and government agencies.

Kordia

Kordia

Kordia is a leading provider of mission-critical technology solutions throughout Australasia. We have the most comprehensive cyber security offering in New Zealand.

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Tenet3

Tenet3

Tenet3's vision is to make optimal cyber strategy development tractable, data driven, with concrete success metrics. The result is cost effective cyber resilience for our customers.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.