CERT-In alerted to stolen data on offer on dark net.

A whopping 98% of a large packet of sensitive credit and debit card details that have been put up for sale on the dark net are those of Indian customers, Group-IB, a Singapore-based cybersecurity company, has revealed.

According to Group-IB’s statement released on Friday, the stash of 4,61,976 card payment details went up for sale on Wednesday on Joker’s Stash, one of the most secretive portals on the dark net for buying such information. Group-IB has already informed Indian authorities about the leak.

The company has also observed that the data is suspected to have been collected through phishing rackets, which have been on the rise in India over the last few years.

Superintendent of Police (Maharashtra Cyber) Balsing Rajput said, “We are studying the information and the data and will soon be issuing an advisory in this regard.”

Group-IB’s statement said, “The underground market value of the database is estimated at more than $4.2 million. The source of this batch currently remains unknown. Upon the discovery of this database, Group-IB has immediately informed the Indian Computer Emergency Response Team (CERT-In) about the sale of the payment records, so they could take necessary steps.”

Group-IB's Threat Intelligence team has found that the details are comprehensive in nature, and include card numbers, expiration dates, CVV/CVC codes and, in this case, some additional information such as cardholders’ full names, their emails, phone numbers and addresses.

Second major leak

“This is the second major leak of cards relating to Indian banks detected by Group-IB Threat Intelligence team in the past several months. In the current case, we are dealing with so-called fullz — they have info on card number, expiration date, CVV/CVC, cardholder name as well as some extra personal info. Such type of data is likely to have been compromised online — with the use of phishing, malware, or JS-sniffers — while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example,” Dmitry Shestakov, Head of Group-IB cybercrime research unit said.

JavaScript sniffers, or JS-sniffers, are programmes used for stealing credit and debit card information from e-commerce websites, and are among the latest concerns when it comes to cybersecurity and theft of sensitive card details.

In October 2019, the Group-IB Threat Intelligence team detected the first such database of over 1.3 million credit and debit card records, mostly of Indian customers.