Financial information such as credit/debit card and bank account numbers continues to be peddled on underground dark web markets. Threat actor groups and other cybercriminal affiliates often rely on darknet markets to obtain sensitive financial data and exploit it later. A new analysis from NordVPN found over 4 million (4,481,379) payment card details, belonging to users across 140 countries, being traded on the dark web. The hackers were found selling payment card information for $10 per card on average. The highest numbers of card details found for sale were from the U.S., Australia, and Hong Kong.
Card Numbers are Brute-forced
NordVPN found that most of the sensitive financial information traded on the dark web was harvested via brute-forcing. The brute-force technique is often used to guess passwords and penetrate targeted accounts, with the passwords guessed using dictionaries or common word combinations.
“Increasingly, the card numbers sold on the dark web are brute-forced. Brute-forcing is a bit like guessing. Think of a computer trying to guess your password. First, it tries 000000, then 000001, then 000002, and so on until it gets it right. Being a computer, it can make thousands of guesses a second. After all, criminals don’t target specific individuals or specific cards. It’s all about guessing any viable card details that work to sell,” said Marijus Briedis, CTO at NordVPN.
- The independent researchers found 1,561,739 sets of card details for sale on the dark web from the U.S. during their research. This was far more than from anywhere else.
- 1,561,739 out of 4,481,379 payment card details found by researchers for sale belonged to Americans.
- More than half of all the discovered payment cards coming from the U.S. were Visa, followed by Mastercard (406,851) and American Express (143,836).
- The second most affected nation was Australia, with 419,806 sets of card details discovered by researchers for sale on the dark web. A further 399,537 hacked payment cards belonged to people from Hong Kong.
- Comparing the number of credit and debit cards, overall, the difference wasn’t very big, with 52.05% of the discovered cards being debit and 47.95% being credit cards.
- Debit cards were more common than credit cards in the markets the independent researchers surveyed. Hacked debit cards put their victims at greater risk because there tend to be fewer protections in place for debit.
Threat actors often obtain confidential financial data to make fraudulent purchases or to trade it on underground forums. Users need to be extra vigilant when giving out their financial information online. Maintaining strong password hygiene with multi-factor authentication procedures is recommended.
Briedis added, “Review your monthly statement for suspicious activity and respond quickly and seriously to any notice from your bank that your card may have been used in an unauthorized manner. Another recommendation is to have a separate bank account for different purposes and only keep small amounts of money on the one your payment cards are connected to. Some banks also offer temporary virtual cards you can use if you don’t feel safe while shopping online.”
In an exclusive quote to CISO MAG, Troy Adam Hunt, Information Security Author and Instructor at Pluralsight and Founder of Have I Been Pwned, said, “This research shows that now more than ever, as our lives are increasingly digitized, we face ongoing threats to our privacy, finances and general wellbeing. Particularly striking in this report is the indiscriminate nature of brute-forcing credit card numbers; you don’t have to be personally targeted, you’re literally just a number that a computer can guess and that can have a major impact on your financial posture.”