A joint private/public sector effort between Group-IB, a world leader in cybersecurity, and Europol’s European Cybercrime Center (EC3) is putting a dent in darknet market-related credit card fraud, to the tune of about €53 million over the last two years. Most recently, Group-IB provided the EC3 with enough information to prevent about €14 million in losses.
The law enforcement end of the collaboration, known as Carding Action 2021, involves agencies from the UK and Europol working together to target marketplaces and specialty “card shops” scattered across the dark web. Group-IB, the only private sector firm involved in the operation, makes use of proprietary means to detect botnets and JS-sniffers capable of hijacking credit card details, with victims identified all around the globe.
Clandestine carding stores on the darknet monitored by Group-IB’s Threat Intelligence and Attribution System revealed 12 individual vendors were responsible for 49,761 instances of credit card theft over a three-month monitoring period. Group-IB found that card details were most often compromised via phishing websites. Details were also stolen when user devices became infected with “banking trojans,” or via “highjacked” e-commerce websites.
Last year, Carding Action 2020, a three-month, cross-border operation, prevented approx. €40 million in losses by similarly identifying fraudulently-obtained credit card info. According to Group-IB’s Hi-Tech Crime Trends Report 20/21, presented yesterday at CyberCrimeCon, the overall carding market grew some 116% over the last year, from $880 million to $1.9 billion. The increase in losses was suggested to be due to the expansion of JS-sniffer attacks targeting e-commerce merchants across the EU region.
Group-IB is expected to release more of their findings about the current state of the darknet carding market during CyberCrimeCon later this week.