Over 23 million stolen credit cards are being traded on the Dark Web

The US and the UK are the most common sources of stolen credit card data.
Written by Charlie Osborne, Contributing Writer

Over 23 million credit and debit cards were on offer in underground forums in the first half of 2019, researchers claim. 

On Thursday, cybersecurity firm Sixgill released its Underground financial fraud report, documenting the trends and trades taking place in the Dark Web in relation to stolen financial data. 

The research team said that out of the 23 million cards, nearly two out of every three originated in the United States, and while the US accounted for roughly two-thirds of stolen information, no other nation claimed more than 10 percent. 

Following the US was the United Kingdom as a popular source of stolen data whereas in comparison only 316 credit cards on sale came from Russia. 


See also: Enterprise under attack: Dark web cyber criminals sell hacking tools aimed at business

The researchers believe that two factors are in play which keeps the number of Russian payment cards low. The first is "underground criminal attitudes" to stealing Russian information given the prevalence of hackers originating from the country, and the second is Russia's economic position. 

"Russia's financial straights are nothing new -- its GDP per capita is $11,000, a sixth of America's $62,000," the report reads. "With such staggering economic disparity between the two countries, we can certainly expect a sizable difference between the number of American and Russian cards offered for sale in underground markets."

Illegal trading posts and marketplaces are constantly being closed by law enforcement agencies. However, when it comes to the purchase and sale of stolen information, a handful of websites remain popular. According to Sixgill, three trading posts accounted for 64 percent of the cards on offer during the first half of 2019. 


CNET: Facebook hit with hefty FTC and SEC fines, DoorDash changes tipping policy

In total, 57 percent of stolen financial records were related to Visa cards, followed by Mastercard at 29 percent. AMEX accounted for 12 percent. 

You can pick up stolen credit card data for as little as $5. Dumps containing potentially thousands of numbers usable in the creation of clone cards for physical purchases are common, but the most valuable commodities are records also containing CVV  numbers -- the three-digit security code found on the back of payment cards. 

Given a CVV code alongside full card numbers and expiry dates, fraudsters would be able to make purchases in person as well as online. 

TechRepublic: Facebook data privacy scandal: A cheat sheet

Cybercriminals are also willing to shift their wares to other channels in response to market closures. The report says that Instant Relay Chat (IRC) and encrypted platforms, such as Telegram, are also providing a way for stolen data to be traded. 

"The centralization of fraudulent activity in a handful of markets mirrors similar economic and commercial patterns in real-world financial markets," the researchers say. "This phenomenon may seem like a ripe opportunity for law enforcement agencies to effectively shut down a sizable portion of cybercriminal activity; however, as we've seen in the past with the shutting down of markets like Alphabay, Hansa, and Silk Road, threat actors quickly migrate their activities to other markets."

A basic guide to diving in to the dark web

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards