A cyber-crook has uploaded the details of more than five million cards, many of them stolen during the data breach at US retailer Target, to a Russian carding site, says security firm Group-IB.
In a report into the Russian high-tech crime market covering the second half of 2013 and first half of this year, Group-IB estimates that the carding market alone is worth some $680 million.
Looking at one underground site, called Swiped, the company fingered a prolific crook going by the name Rescator, who uploaded details of over five million cards. A test sample of the details found that all of them were stolen from Target.
Group-IB found that cryptocurrencies dominate the Swiped market, with bitcoin used for 80% of transactions between users. Unsurprisingly, Russia’s underground fraternity is also looking to find ways to get their hands on bitcoin – the use of malware-based botnets to mine the currency has become so developed that renting through services like SkyShare has become a reality. Stealing from cryptocurrency wallets using Trojans has also become more sophisticated and common.
Meanwhile, the growing popularity of mobile banking is providing another opportunity for thieves. Group-IB has identified five gangs that specialise in using Trojans to infect Android phones to steal sensitive data through SMS banking and phishing sites.
Around $40 million was stolen through targeted attacks on banks during the 12 months, says the report, while hackers are also getting joy from ATMs, often by reprogramming them to hand out big bills.
One bright spot is in online banking, where fraud is down in Russia. Group-IB says that of eight major gangs, two have switched to foreign targets and one was broken up by authorities in the last year, contributing to a drop in losses from $615 million in 2012 to $425 million in 2013-2014.