Payment card details are available at $9 apiece on Joker's StashPayment card details are available at $9 apiece on Joker's StashA Singapore-based cybersecurity company has detected a fresh database of credit and debit cards issued by Indian banks available for sale on the Dark Web. This database includes payment records of 461,976 cards, 98 per cent of which were from the "biggest Indian banks".
"On February 5, a new database under the name "INDIA-BIG-MIX" (full name: [CC] INDIA-BIG-MIX (FRESH SNIFFED CVV) INDIA/EU/WORLD MIX, HIGH VALID 80-85%, uploaded 2020-02-05 (NON-REFUNDABLE BASE) went on sale on the Joker's Stash - one of the most popular underground cardshops," Group-IB said.
ALSO READ: SBI Cards IPO likely to hit market in current quarter, says Rajnish Kumar
The latest database of payments cards is valued at $4.2 million in the underground market, each card being sold for $9 apiece, said cybersecurity firm Group-IB in a statement. So far 16 cards have been sold, it added. The company said it has informed the Indian Computer Emergency Response Team (CERT-In) about the leaked payment card details.
The records on sale include exposed card numbers, expiration dates, CVV/CVC codes, and even additional information such as cardholders' full name, as well as their emails, phone numbers and addresses.
This is the second instance of Indian cardholders' details being put up for sale on Joker's Stash that has been detected by Group-IB. In October 2019, the firm found a database of 1.3 million credit and debit card records of mostly Indian banks' customers uploaded to the Dark Web cardshop.
ALSO READ: RBI allows users to enable, disable credit, debit cards; modify usage limit
"The last case was registered in October last year, where information in the magnetic strips of payment cards, or card dumps, were put up for sale. This time around, the nature of data available indicates that the data was compromised during online transactions," said Dmitry Shestakov, Head of Group-IB Cybercrime research unit.
"In the current case, we are dealing with so-called fullz - they have info on card number, expiration date, CVV/CVC, cardholder name as well as some extra personal info. Such type of data is likely to have been compromised online - with the use of phishing, malware, or JS-sniffers - while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example," Shestakov added.
ALSO READ: SBI Cards IPO: 5 things to know about upcoming IPO
Reliance Power eyes overseas gas projects; targets Kuwait, UAE, Malaysia
'A Stanford dropout has better odds': Nikesh Arora tells Nikhil Kamath what’s stifling India
Held stocks for 35 years, worth zero: Helios Capital's Samir Arora warns on long-term investing myths
Anant Ambani to get Rs 10–20 crore salary, profit commission as Reliance Executive Director
Monsoon reaches all of India 9 days early: When did it hit your region? Full breakdown
Exploring Detroit Of India | The Vande Bharat Journey From Chennai To Kanniyakumari
Trump T1 Phone: Actually 'Made In America' Or Just Smart Branding?
Why M&M, Tata Motors & Force Motors Stand Out In India’s Auto Story
Exploring India's Heart | 2000+ KM Train Adventure From Delhi To Chennai On Rajdhani Express
Banks Under Pressure? Nitin Bhasin Explains Why IT May Outperform
Warren Buffett donates $6 bn in Berkshire Shares to Gates Foundation, family charities
HDB Financial IPO attracts bids worth Rs 1.61 lk cr; check odds of allotment & latest GMP
Timex promoter offloads 15% stake in Indian arm through OFS
Airtel, Jio expand subscriber base in May 2025 as telecom sector maintains growth momentum
BEL, Torrent Pharma & Techno Electric: Expert view on short-term trading