New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Joker’s Stash Marketplace Found to Have 69,000 Payment Card Dumps

Pakistani bank cards with a worth of $3.5 million dollars have been found for sale on the Joker’s Stash underground forum. Ninety-six percent of the payment details found on the site were stolen from Meezan Bank, Ltd. Prices for information of a single card spanned from $10 to $40 dollars, while the cards that came with a PIN number stayed at a firm price of $50 dollars. The information was found in two databases that were released within six days of each other at the end of January. Of those two databases, the first one was named «PAKISTAN-D+P-01» and contained the least amount of information with 1,535 cards. The second, «PAKISTAN-D+P-02», contained the bulk of the information with 67,654 Pakistani bank cards. Various activities including reselling of the cards for even more money and withdrawing cash from ATM’s are what these stolen cards are used for. “Another scheme of cashing out involves the use «white plastic» dumps (cloned cards) and dummy companies (linked to money mules) with bank accounts and POS terminals: fraudsters use «white plastic» to buy nonexistent goods, and funds from compromised cards get transferred to bank accounts linked to dummy companies, then cybercriminals withdraw money via ATM using a bank card which is linked to a dummy company,” said researchers who discovered the dump.

Analyst Notes

Users should immediately notify the banks or credit card companies of the open accounts. If their Social Security number happens to be attached to any accounts, they should also contact the Social Security Administration and put a fraud alert on their credit report.