Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


Notorious Carding Website Joker’s Stash Shuts Down

On January 15th, the website called Joker’s Stash, known by many cyber criminals for selling stolen credit and debit card details, announced that they will be shutting down. Over the past year, the website has been dealing with numerous issues including being allegedly seized by law enforcement. The website has been known for selling stolen credit card information in the form of single card skimming or credit card data dumps. In a post made by a site administrator, they stated that the shop will be open for 30 days to allow users to spend the rest of their cash. The poster also stated that they do not plan on returning in the future.

Analyst Notes

Despite the closing of Joker’s Stash, there are still many other criminal operations that facilitate the sale of stolen payment card information, and carding remains an active threat to merchants, banks and consumers. Joker’s Stash was used by many people to sell and purchase stolen credit card data to be used in fraudulent transactions by cloning the data onto physical cards’ magnetic stripes for in-store purchases or using card numbers for fraudulent online purchases. Protecting credit card transactions has become a major issue for many companies, especially those that deal with online shopping. Anyone using a credit card should remain vigilant in protecting themselves. To prevent fraudulent charges by credit card thieves, businesses should continuously monitor point-of-sale computer systems for malware, and watch for changes to any e-commerce website’s checkout page or included scripts. Consumers should sign up for one-time use credit cards which can be purchased through verified services or some banks. These services allow the consumer to purchase a pre-loaded credit card that can only be used once or used multiple times but has a balance of zero until the money is added to it. By keeping the balance at zero, if the card were to be compromised, an attacker would not be able to purchase anything with the number. One-time use cards provide the buyer with a credit card number that expires after the purchase. Though these cards may seem like a hassle for many, they do not take that much time to register for and will relieve consumers of the stress that could be caused by having a card compromised.

More can be read here: