UPDATED 21:03 EDT / APRIL 08 2021

SECURITY

User and credit card data stolen from darknet marketplace Swarmshop

Hackers are targeting other hackers once again. This time, the details of user data and more than 600,000 credit cards from the darknet payment card marketplace Swarmshop were stolen and then posted on a rival underground forum.

First reported by threat intelligence analyst Sergei Kokurin of Group-IB Group Pvt. Ltd. under the apt heading of “when karma comes back,” the data stolen from Swarmshop was leaked online March 17. It’s described as a likely revenge attack.

The data included 12,334 records of Swarmshop administrators, sellers and buyers. It included nicknames, hashed passwords, contact details, history of activity and current along with 623,036 payment card details, 498 sets of online banking account details and 69,592 sets of Social Security numbers and Canadian Social Insurance numbers.

Nearly 63% of the stolen credit card data related to U.S. banks, while other records came from financial institutions in China, at about 14%, and the U.K., Canada, France, Singapore, Brazil, Saudi Arabia and Mexico, all in the single digits apiece.

The report noted that though underground hacker forums get hacked from time to time, card shop breaches do not happen very often. That Swarmshop was hacked, and not for the first time, may be fatal for it. Kokurin said the hack is a major reputation hit because the sellers have lost their goods and personal data and, as a consequence, Swarmshop is unlikely to return.

“What better way to gain access to new hacking tools, dumps, cards, personally identifiable information and other items of value than hacking the people that are stealing it in the first place,” Tyler Shields, chief marketing officer at cyber asset infrastructure management company JupiterOne Inc., told SiliconANGLE. “It comes as no surprise that there have been multiple successful breaches against Swarmshop. Cybercriminals have trouble with security just like everyone else. It just goes to show you that cybersecurity is a difficult problem no matter who you are.”

Naveen Sunkavally, chief architect at pentesting firm Horizon3.AI Inc., noted that the breach shows that no one is immune from cyberattacks, including cybercriminals themselves.

“What’s most concerning is the proliferation of user credit card information and online banking credentials,” Sunkavally added. “Attackers don’t need to hack in using zero-days like in the movies; often they can just log in with credentials they’ve stolen from efforts like this.”

Image: Group-IB
