Singapore-based Group-IB security research team has unearthed a large database of credit and debit card details on the dark web.
The data dump, dubbed 'INDIA-MIX-NEW-01', is available in two volumes, Track 1 and Track 2. They contain payment credentials of more than 1.3 million users. Of the total accounts, 98 percent belong to Indian banks and the rest are said to be from Colombian financial institutions.
As per the screenshot shared by Group-IB, each card is being sold for $100 (roughly Rs 7,092), and in total the database costs more than $130 million (approx. Rs 921.99 crore), making it the most valuable financial information to be put up for sale on the dark web to date.
The payment card details have been on sale at the infamous underground card shop Joker’s Stash since October 28, 2019.
There is no specific information on the names of the Indian banks and finance companies just yet, as the data was uploaded a few days ago. But researchers are of the opinion that the information might have been collected using skimming devices installed on ATMs and PoS (Point-of-Sale) machines.
What is Debit/Credit card Skimming?
A criminal installs a credit/debit card data retriever device at the ATM's card slot, in addition to a keystroke tracker on the keypad (or sometimes places a small camera near it). Once the user inserts the card, the device copies all the information in the magnetic stripe on the back of the card, and the 4-digit PIN is recorded by the other device.
After gaining the information, the hacker creates a fake card and uses it to buy merchandise or cash out money from an ATM. It's the same with PoS terminals, but in most cases the culprit will be a hotel waiter or gas station attendant who, in a bid to make a quick buck, resorts to such crimes and eventually gets caught. The Group-IB research team has informed its clients and regulatory authorities.
"It is true that big payment data leaks have happened before; however, the databases are usually uploaded in several smaller parts and at different times. This is indeed the biggest card database encapsulated in a single file ever uploaded on underground markets at once. What is interesting about this particular case is that the database that went on sale hadn’t been promoted prior either in the news, on card shop or even on forums on the darknet.
The cards from this region are very rare on underground markets; in the past 12 months it is the only big sale of card dumps related to Indian banks. Group-IB’s Threat Intelligence customers have already been notified about the sale of this database. The information was also shared with proper authorities," Ilya Sachkov, CEO and founder at Group-IB, said in a statement.
How to detect skimmers on ATM and PoS machines:
1) Look for loose attachments on the keypad and in the card slot. If you feel something is detachable, pull it.
2) Also, look for signs of glue or tape around the keypad and card slot. Just use fingers to feel them.
3) If you are still wary about the ATM's security, cover the keypad with your hand when typing the PIN, as most criminals install cameras to record keystrokes.
4) It goes without saying: lose the card with just the magnetic stripe and get the latest one with the EMV chip.
5) The same method applies to PoS terminals. Check for loose parts particularly at the base where the card goes into the machine.