Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected a massive upload of debit and credit card records mostly related to the largest Turkish banks on one of the most popular underground cardshops, according to a statement issued by the company.
More than 460,000 records in total were uploaded between Oct. 28 and Nov. 27. The underground market value of the database is estimated at more than $0.5 million. Upon discovery of the database, Group-IB informed local authorities about the possible sale of the records so they could take the necessary steps.
“A breakdown of the data indicated that all the cards could have likely been compromised online either due to phishing, malware or increased activity of Java-Script sniffers,” commented Dmitry Shestakov, head of Group-IB’s сybercrime research unit.
“All the compromised credit and debit cards records in this database were identified as raw cards data also known as ‘CCs’ or ‘fullz’ and contained the following information: card number, expiration date, CVV/CVC, cardholder name as well as some additional info such as email, name and phone number, which, unlike card dumps (the information contained in the magnetic stripe), cannot be obtained through the compromise of offline POS terminals.”
To avoid a card being compromised online due to JS-sniffers, Group-IB experts recommend that users have a separate pre-paid card for online payments, set spending limits on cards used for online shopping, or even use a separate bank account exclusively for online purchases.