Researchers Discover E-Store Selling Stolen Credit Card Information

master-cardWhat do cybercriminals do with stolen credit card data?

While the obvious answer may be “use it to purchase whatever they want,” we are forgetting another route cyber-thieves can take: selling that stolen data to others.

Researchers over at Webroot have stumbled upon an online store that appears to be focused solely on selling stolen credit card information to anyone that’s willing to take the risk.

According to Webroot’s Dancho Danchev, the site appears to be well put together for the most part, complete with a “well-developed” search engine that helps fraudsters find exactly what they’re looking for.

“The service is currently offering 9,132 stolen credit cards for sale, and has already managed to sell 3292 credit cards to prospective cybercriminals.” Danchev revealed in a blog post on Monday.

Professional Looking eStore Offers Stolen Credit Card DataScreenshot Credit: Webroot

Fees for card information vary depending on the card type: Debit cards go for just $16 while credit cards fetch $30 or more. Discounts are promised to those that purchase the data in bulk.

Fraudsters appear to be satisfied with the sales price and have already snatched up the information for 3,292 cards.

As to why the e-store owner opted to sell the stolen data opposed to use it, Danchev says that answer is surprisingly simple. “The practice is called “risk forwarding” which intersects with the e-shop owner’s desire to achieve instant financial liquidity of his assets, “ Danchev explained. “Instead of manually verifying the balance of the cards, he’s focused on bulk orders and forwarding the risk of getting caught to the prospective customers of his services.”

Photo Credit: 401(k)2012

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet“Like” us on Facebook or add us to your circle on Google+.

This entry was posted in Computer Security, technology and tagged , , , .
Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.
  • Pingback: New Universal Man-in-the-Browser Attack Efficiently Captures Data in Real-Time | Technology News, Computer Security - Hyphenet Blog

  • Bunnyswanson

    Has anyone been charged by a company called Redhorn out of Albany?  Apparently they sell military equipment.  I was billed for 375 dollars.  I am a 54 yr old woman.  I think my CC # was hijacked.  I changed it quickly.  Scams are going to be the bane of our existence in this bad economy.

    • Marquisa Kirkland

      I have not heard of that company before, but I hope you were able to recover your stolen funds! Canceling the credit card that was charged is a good idea. Hopefully it doesn’t happen again in the future on your new card(s)!

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5