What's the average price for a stolen credit card? How are prices shaped within the cybercrime ecosystem? Can we talk about price discrimination within the underground marketplace? Just how easy is to purchase stolen credit cards known as dumps or full dumps, nowadays?
In this intelligence brief, I will expose the market for stolen credit cards data, by profiling 20 gateways for processing of fraudulently obtained financial data.
Key summary points:
Tens of thousands of stolen credit cards a.k.a. dumps and full dumps offered for sale in a DIY market fashion The majority of the carding sites are hosted in the Ukraine and the Netherlands Liberty Reserve is the payment option of choice for the majority of the portals Four domains are using Yahoo accounts and one using Live.com account for domain registration Four of the domains are using identical name servers Each DIY gateway for processing of fraudulently obtained financial data has a built-in credit cards checker or offers links to external sites performing the service Several of the fraudulent gateways offered proxies-as-a-service, allowing cybercriminals to hide their real IPs by using the malware infected hosts as stepping stones Consider going through the research.