Dark net
Dark net Pixabay

Recently cybersecuritye experts detected that a huge database holding more than 1.3 million credit and debit card records was uploaded on darknet on October 28. The researchers stated that most of these records belong to the customers of Indian banks and underground market value of the database is estimated at more than $130 million.

The cybersecurity company behind this sensational revelation is Group-IB, which is specialized in preventing cyberattacks. Earlier, the researchers at the Singapore based company said that government agencies and educational institutions faced a huge cyber threat as hundreds of compromised credentials were put up for sale on the dark web. Now, the experts revealed that database under the name "INDIA-MIX-NEW-01" (full name: " INDIA-MIX-NEW-01 (fresh skimmeD INDIA base): INDIA MIX TR1+TR2/TR2, HIGH VALID 90-95 percent, uploaded on October 28 (NON-REFUNDABLE BASE) has been on sale on one of the most notorious underground card shops, called Joker's Stash.

As per the researchers at Group-IB the compromised database contains only credit and debit card dumps Track 2, while its name suggests that it holds both Track 1 and Track 2 records. Track 2 dumps can be used to produce cloned cards for further cashing out. Its threat Intelligence team has analyzed all the card dumps from the database, more than 98 percent of which belong to Indian banks, 1 percent - to Colombian. In a news release, the company stated that as per its researchers over 18 percent of the dumps in the database are related to a single Indian bank.

They also found that database includes a total of more than 1.3 million records which means it is one of the biggest single databases ever uploaded at once on underground markets and probably one of the most expensive ones. Every single dump in the set is valued at $100 which makes the total value of the database at least $130 million.

The compromised data
Group-IB

Ilya Sachkov, CEO and founder of Group-IB said "It is true that big payment data leaks have happened before; however, the databases are usually uploaded in several smaller parts at different times," adding that "This is indeed the biggest card database encapsulated in a single file ever uploaded on underground markets at once."

The Russian IT entrepreneur, Sachkov also mentioned that in this recent case it should be noticed that the database that went on sale hadn't been promoted prior either in the news, on card shop or even on forums on the darknet. He said the cards from this region of the world are very rare in underground markets. He added that "in the past 12 months it is the only big sale of card dumps related to Indian banks. Group-IB's Threat Intelligence customers have already been notified about the sale of this database. The information was also shared with proper authorities."