It is noteworthy that a day after the publication, the post was edited.
Promotion of unprecedented generosity from the AllWorld.Cards store) Source: Group-IB Threat Intelligence & Attribution system Figure 2 – Screenshot from Group-IB Threat Intelligence & Attribution system On August 2, 2021, the same message was posted on two carding forums “crdclub” and “xss.” The user nicknamed “AW_cards” in what they called “An extraordinary act of generosity” uploaded a database containing 1 million payment records, some of which included email addresses and phone numbers.įigure 1 – Screenshot from “xss” forum (AW_cards: “We publish 1,000,000 bank cards to the public. This post analyzes the latest 1 mln stolen bank card record database as well as the short history of the All World Cards card shop and the activity of its alleged owners who are most likely not the newbies of the carding business. Group-IB researchers found out that the alleged owners of the card shop had launched a massive promo campaign in the underground to advertise their new platform, which, in addition to a huge database giveaway, included a writing contest for other cybercriminals with a cash prize of USD 15,000. The analysis of the file revealed that this huge batch of compromised cards had not appeared on other underground forums.įurther research revealed that the post was nothing but a very bold ad to scale up the user base of newly established card shop All World Cards, which joined the carding market in May 2021. It’s especially unusual for a previously unknown market player. The post immediately sparked Group-IB researchers’ interest, because cybercriminals in the carding community rarely offer so many cards for free.
0 kommentar(er)
