We have seen an increasing number of articles published about the “Dark Web,” underground cybercriminal sites that are hosted on hidden servers and can be accessed only by using Tor.
One example of a Dark Web site hosted on one of these “.onion” domains was the Silk Road, a site infamous for the buying and selling of drugs, among other products and services. That site was taken down by law enforcement, and the owner was arrested.
During a recent investigation McAfee discovered a site offering fresh dumps of stolen credit card numbers. This is nothing new, of course; these sites are available everywhere on the (visible) Internet. In this case, after we registered and were validated as a new “customer,” we saw this menu:
Several options are available. We looked first at the Sale page, where the shop offers Bitcoin discounts on credit cards that are valid for only two weeks. If we buy now, we’ll get BTC 0.9 off.
So much for “bargain shopping.” Let’s look into buying a few credit cards. The site exposes the number of fresh dumps it has and how widespread they are, as we see in the following small selection:
Selecting the “New big base USA” option from March 2015, we find the following selection criteria:
Let’s see which cards we can buy around the McAfee office I work in. A few seconds later, the site displays a list of credit cards for sale that belong to people who live in Beaverton, Oregon:
As an extra service, the Russian owner(s) of the website offer—for the modest fee of US$300—the option to use a private botnet to attack your competitors with a distributed denial of service. That’s a nice offer: What we could have saved on our “purchase,” we could now use to boost our business a little bit more.
Of course, we did not actually buy any credit card numbers. But the number of fresh credit cards this service offers in the United States and the rest of the world is huge. The ease of buying and paying is astonishing, all with a few anonymous mouse clicks.
Although financial institutions take antifraud measures, your credit card details could have been stolen through a breach of an online business, point-of-sale terminal malware, or in a number of other ways. To defend yourself, check your monthly statements; that is the best way to verify your purchases for irregularities.