Reading Time: 2 minutes

A Russian cybercriminal group called AllWorld.Cards released 1 million stolen credit cards on the Dark Web to sell payment credentials online.

Cyble, a threat intelligence organization, took notice of this act during their “routine monitoring of cybercrime and Dark Web marketplaces”. They stated that the following information is included in the credit cards: credit card number, name, CVV, expiration date, country, state, city, ZIP code, address, phone number, and email.

Their report further mentioned that the cards were stolen between 2018 and 2019 and were posted on an underground market for selling.


 Image Source: Cyble

A Bit about AllWorld.Cards

According to Cyble, AllWorld.Cards is a relatively new player in the credit card selling market. It came into existence in May 2021 and is present on the Dark Web and a Tor channel.

The stolen card black market is a highly illegal business. Cybercriminals find multiple ways to get their hands on credit cards data all the time. Magecart attacks, data-stealing trojans, phishing, and Point-of-sale (PoS) attacks are the most popular practices of cybercriminals for stealing credit card data.

Another threat report by a security firm Cybersixgill stated that over 45 million compromised credit cards were offered during the 2nd half of 2020 for sale in the underground credit card markets. These cards are then used for online purchases like buying gift cards by cybercriminals, making them more difficult to track.

How Many Cards Are Still Active on the Dark Web?

According to D3 Lab’s analysis, the cybercriminals indulged themselves in this credit card fraud activity to entice other criminals and increase traffic on their site.

The number of cards that are still active remains unknown. However, the threat actors have claimed that from a random sampling of 98 cards, 27% are active.

D3 Lab further analyzed by sending credit card numbers to the client banks that around 50% of the cards are “still operational, not yet identified as compromised”.

Cyble listed the top 500 banks affected by the stolen credit card fraud in descending order. Out of these banks, 72,937 of the stolen cards were associated with the State Bank of India, 38,010 were associated with Banco Santander (Brazil), 30480 with an Ohio-based bank called Sutton Bank, 27,441 with JP Morgan Chase Bank N.A., and 24,307 with BBVA Bancomer S.A. (Mexico-based), and the list continued.

Recommendations to protect your personal information

The stolen credit cards’ information didn’t belong to a single country, it belonged from worldwide. While it was someone else before, the next can be you. Following are a few recommendations to keep your personal information secure:

  1. Do not share your personal or financial information on SMS, email, or phone.
  2. Avoid opening unverified links and email attachments. Phishing attacks keep rising with each passing day.
  3. Set up complex passwords and use multi-factor authentication.
  4. Enable automatic software updates on all your devices.
  5. Encrypt your devices and protect your online activities from snooping using the best VPN service.
  6. Keep an eye on your financial activity. Call your bank immediately in case of any suspicious activity.