Did you know that more than a million credit card details have unfortunately been leaked and traded on the dark web?
The dark web is a section of the internet that is encrypted and hidden, and it is mostly populated by individuals who engage in illegal activities, hackers, and those who desire to remain anonymous.
Its lack of visibility on popular search engines like Google and Naver means that it is not widely known to the public.
A recent study conducted by NordVPN on the 10th reveals that a significant portion of the credit card information sold on the dark web was acquired through the use of malware.
Contrary to what many people think, the acquisition of sensitive data through physical card loss is actually quite rare.
Obtaining malware capable of stealing card information is surprisingly straightforward, similar to buying items online.
When cybercriminals manage to access card data, they also acquire other valuable information that can result in serious criminal consequences. This includes the cardholder's name, computer files, and stored credentials.
According to NordVPN's research, a significant portion of the leaked card information was taken by the advanced malware Redline.
Vidar, another frequently used malware, was responsible for 18% of the leaks. Redline's appeal to cybercriminals stems from its affordability and accessibility.
Information can be stolen through different methods, such as phishing emails, deceptive online advertisements, and compromised public USB ports.
In addition, this program can be difficult to monitor as it is discreetly exchanged through dedicated Telegram channels.
Out of the 600,000 stolen cards from a data sample, a majority of them, 54%, were Visa cards, with Mastercards making up 33% of the total. Visa and Mastercard make up around 90% of all stolen cards.
Subscribe to our newsletter
Adrianus Barmenhoven, a cybersecurity advisor at NordVPN, highlighted the seriousness of the threat.
“Malware poses a significant threat as it not only steals payment card information but also gains access to additional sensitive data like auto-fill information and account authentication.”
According to him, it is important to exercise extra caution due to the potential for a wider range of attacks, including identity theft, online blackmail, and cyber extortion.