Group-IB has informed the public that the notorious Joker’s Stash darknet marketplace has put up for sale a massive new dump. This includes about 1.3 million credit and debit cards belonging to Indian banks and their respective customers. The dump was uploaded onto the market on October 28, and the total value of the database entries is estimated to exceed $130 million. A single entry is priced at $100, and there are no item differentiations, meaning that there has been no cherry-picking.
As the CEO and founder at Group-IB, Ilya Sachkov commented, usually, such breaches are uploaded in several smaller parts and at different times, to maximize the profits of the sellers. This database though is a massive one, and no one was expecting it at this time. Indian bank breaches are generally a rare occurrence, so one doesn’t stumble upon Indian cards very often. A small percentage of the dump, which corresponds to about 1%, belongs to Colombian banks.
The card records include magnetic stripe data (Track 2), so the information wasn’t sourced by online skimmers. Moreover, the fact that the variety of the compromised banks is pretty broad, also rules out the possibility of ATM malware. All that said, the actual source of the data is completely unknown right now. Possibly, the sources are multiple, and the time of acquisition may also cover an extended period of time.
As we have seen recently, the Joker’s Stash has upgraded its infrastructure as well as its offerings, adding SSNs and PII on top of the classic card dumps that it became so well-known for. This dump comes as the first one that signifies the upgrade in the marketplace’s offerings, and it certainly is an impressive one.
All that said, if you’re in India, you should call your bank and ask for clarifications immediately. Right now, Group-IB is collaborating with ZDNet to analyze the data and figure out exactly what corresponds to whom. Until more concrete information surfaces, you should monitor your bank account and even freeze it if possible. Right now, the dump is for sale, and it will soon reach many malicious hands who will use the data to create clone cards.
Are you in India? Can you share what your bank told you about the incident? Share any details that you can with us in the comments section down below, or on our socials, on Facebook and Twitter.