Over 600,000 Bank Card Details Leaked via Dark Web – Cybersecurity Report

The details of more than 600,000 bank cards around the world have been leaked on the dark web, according to a new report by cybersecurity company NordVPN.

The research report uncovered that financial information “is being harvested from users through malware.”

This malicious software is designed “to infiltrate, damage, or exploit computer systems and networks, often used by cybercriminals to steal sensitive information like credit card details.”

Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, explains:

“The malware didn’t just steal the victims’ payment card details. Most of the stolen payment cards’ info came with a big bonus for cybercriminals — users’ autofill information and account credentials. This additional information opens doors to an even wider range of attacks, including from identity theft, online blackmail, and cyber extortion.”

The study showed that as many “as 99% of the stolen cards included additional data, such as the victim’s name, computer files, and saved credentials.”

Malware as a service: A cybercriminal’s payday

Cybercriminals use malware as a service, “or subscription-based malware tools, for information theft.”

They function like any other subscription service — the criminal pays “a fee and receives access to various data-stealing features.”

Warmenhoven added:

“Malware is often used as a ‘weapon of mass infection’ because the results are able to spread at scale, even for relatively unskilled people. The payment card thieves are not ‘cyber’ criminals in the first place — they are criminals that have found a new tool to do what they would have done anyway.”

Malware as a service is available for purchase “for as little as $100-150 per month from specialized dark web marketplaces.”

The providers of malware go the extra mile to “support their customers, often providing extensive guidance, user guides, and dedicated forums where newbies can get help.”

The research revealed that six out of 10 payment cards (60%) were “stolen using the sophisticated information stealer, RedLine.”

Warmenhoven explains:

“RedLine is a significant threat due to its affordability, effectiveness, and accessibility. It’s easily deployed through social engineering and continually adapts to evade detection. It is supported by dedicated Telegram channels, making it especially dangerous and accessible to novice cybercriminals.”

Redline infiltrates devices via various methods “that demand vigilance, such as phishing emails, exploiting software vulnerabilities, deceptive ads, and compromised public USB ports. Sophisticated techniques like man-in-the-middle and remote code attacks are also employed to deliver malware directly.”

The unfortunate truth is that stolen data “is sold and used incredibly quickly — often in a matter of hours.”

Cybercriminals know that the quicker they “exploit the stolen payment card details, the higher the chance their fraudulent transactions will go through.”

Visa cards and American users are the most targeted in widespread payment card theft

All payment cards are at risk of theft.

However, payment cards from “the most popular providers may be stolen more often because more people use them.”

The research showed that over half (54%) of “the 600,000 cards were Visa, and a third (33%) were Mastercard cards.”

Payment card theft is particularly “rampant in the US, with most stolen payment card details coming from American users.”

However, payment card theft also severely “impacts users in several other countries, such as Brazil, India, Mexico, and Argentina.”

Phishing emails and texts, designed to mimic correspondence from your bank, or another trustworthy company, are often responsible “for malware infections. Knowing the most common signs of phishing is crucial.”

Use strong passwords: Creating long, complex, and unique passwords “helps protect your accounts. Encrypted password managers, such as NordPass, can be useful in helping to combat fraud and make sure your card details are safe.”

Secure accounts with MFA: Setting up multi-factor authentication on your accounts “adds an extra layer of security, which can prove useful if someone gets hold of your credentials.”

Discuss concerns with credit card provider: If you recognize suspicious activity “on your credit card statement, contact your provider immediately and alert them to the issues.”

If you have provided your details to a website which you subsequently believe is unsafe, you can request to cancel your card and request a new one.

Avoid shady downloads: Avoid downloading software, apps, or updates from unofficial sources — get them from app stores or official websites instead.

Use comprehensive anti-malware technology: It blocks dangerous sites and scans files during download to prevent malware infections.

Methodology

The research was conducted by NordStellar, “a threat exposure management platform from the creators of NordVPN.”

NordStellar researchers analyzed stolen card data “for sale on hacker Telegram channels to understand how this information was obtained.”

The research reviewed various data points, “such as when the incident occurred, the providers of the stolen cards, the data harvested alongside the payment card, the type of malware used, the country of the incident, and the targeted operating system (OS).”

The research took place in April 2024.



Sponsored Links by DQ Promote

 

 

 
Send this to a friend