Media reports that data from more than 100,000 cards of Russian banks are published on hacker forums for free. Experts believe that the criminals were trying to urgently “monetize” the bases at their disposal, which have now lost their value.
According to Kommersant , at least one offer to sell 100,000 Russian bank card records has surfaced on the darknet in the past few days, Ashot Oganesyan, founder of DLBI, a data breach intelligence and monitoring service, told reporters:
“It was sold on the forum by a certain English-speaking user, but the ad was removed, since “working with RU” is prohibited on the forum.”
At the same time, the manager of RTM Group, Yevgeny Tsarev, told the publication that massive attempts to write off funds from the accounts of Russian clients have been observed since February 26, and the massive leaks themselves “occurred much earlier.” According to him, in the last week, attackers have been trying to make transfers even from blocked cards, as well as from expired cards:
“There is a feeling that the criminals have stepped up sharply, like ordinary citizens, urgently trying to monetize the bases that they had appeared much earlier.”
According to Tsarev, in recent days there have indeed been many announcements for the sale of these cards, since now these dumps are almost of no use. Oganesyan agrees with this sentiment, saying the hype is due to Western carders “dumping stocks of stolen Russian cards” since they can no longer be used abroad.
Analysts also note an increase in the number of offers for the sale of data from compromised foreign cards, for example, in just one day (March 7, 2022), more than a hundred new sites for their sale appeared. Sergey Trukhachev, head of the block of special services at Infosecurity a Softline Company, noted:
“Cards of foreign banks can be used for purchases on foreign sites. Considering that international cooperation in the law enforcement sphere will now go through hard times, the demand for Western bank card dumps will only grow.”