Nearly 1.3 million debit and credit card credentials of Indian banking customers that can fetch up to $130 million for cybercriminals are available on Dark Web for open sale. Singapore-based Group-IB security research team has unearthed a large database of credit and debit card details on the Dark Web largely belonging to multiple Indian banks.
According to ZDNet, the cards' details is available on Stash - one of the oldest card shops on the Dark Web which is known to be the place where major hackers sell card dumps.
The researchers from cyber security form Group-IB have found that the Indian card holders' listing has been advertised by Joker's Stash under the "INDIA-MIX-NEW-01" heading.
According to Group-IB, each card is being sold for $100 (roughly Rs 7,092) and in total, it costs more than $130 million (approx. Rs 921.99 crore), making it the most expensive financial information to be put up for sale on the Dark Web till date.
The names of the Indian banks and finance companies to which the cards belong to are unknown as the data was uploaded a few days ago. However, researchers are of the opinion that the information might be collected using skimming devices installed on ATMs and PoS (Point-of-Sale) machines.
Criminals who buy card dumps from Joker's Stash usually use the data to clone legitimate cards and withdraw money from ATMs in so-called "cash outs."
In February, card details for 2.15 million Americans were put up for sale on Joker's Stash.
Over the past five years, Joker's Stash has become one of the leading underground credit card shops through significant releases of stolen credit cards from data breaches at companies like Target, Walmart, Saks Fifth Avenue, Lord & Taylor, and British Airways.
It is estimated that Joker's Stash lists 5.3 million credit card numbers related to this breach.