BriansClub, a black-market website for buying stolen credit card data, has been hacked by unknown intruders and extracted around 26 million credit and debit card records. According to cybersecurity journalist Brian Krebs, the website sold more than 9.1 million stolen card data and earned over US$ 126 million.
According to a report published on the site KrebsOnSecurity.com, the exposed information included credit card data uploaded from 2015 to 2019. It’s found that BriansClub added 1.7 million card records for sale in 2015, and 2.89 million in 2016.. In 2019 (between January and August), BriansClub added nearly 7.6 million cards.
Brian Krebs complained that the BriansClub site is using his name and his image on their ads to carry their activities.
“Last month, KrebsOnSecurity was contacted by a source who shared a plain text file containing what was claimed to be the full database of cards for sale, both currently and historically, through BriansClub[.]at, a thriving fraud bazaar named after this author. Imitating my site, likeness, and namesake, BriansClub even dubiously claims copyright with a reference at the bottom of each page: “© 2019 Crabs on Security,” said Brian Krebs.
“The stolen card data from BriansClub was shared across multiple sources who work with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground. An extensive analysis of the database indicates BriansClub holds approximately $414 million worth of stolen credit cards for sale, based on the pricing tiers listed on the site,” Krebs added.
Brian Krebs helped several organizations by reporting potential vulnerabilities to them. In August 2019, Krebs reported about a state-sponsored phishing attack launched against the Indian IT outsourcing and consulting giant Wipro. He stated the company was dealing with a multi-month intrusion from an assumed state-sponsored attacker.
According to reports from Krebs On Security, “One source familiar with the forensic investigation at a Wipro customer said it appears at least 11 other companies were attacked, as evidenced from file folders found on the intruders’ back-end infrastructure that were named after various Wipro clients.”