US FBI and Interpol have seized a small number of servers used by Joker’s Stash.
Joker’s Stash
Joker’s Stash, the carding site where the internet’s largest marketplace for buying & selling stolen cards, operating since October 7, 2014.
Recently, they saw its blockchain DNS sites were taken offline.
Often posts packs of stolen payment card details — which used for both
- CP (card present), and
- CNP (card not present) fraudulent transactions.
Notably, in the site, there are over 35 million CP records and over 8 million CNP records, in the last 12 months.
Moreover, they maintain several versions of the site including
- .bazar
- .lib
- .emc
- and, coin
- as well as two Tor (.onion) versions of the platform
In addition, Interpol described the server seizures as an ongoing “coordinated police operational activity” but declined to elaborate further, In an email this week,
Temporary Disruption:
In blog posts this week, both Intel 471 and Digital Shadows described the FBI & Interpol disruption attempt as “temporary.”
However, the domains would be restored on new servers “in a few days.” The Joker’s Stash operator said
“The seizure of the .bazar domain likely will not do much to disrupt Joker’s Stash, especially since the team behind Joker’s Stash maintain several versions of the site and the site’s Tor-based links are still working normally,” the Digital Shadows team said.
“Furthermore, Joker’s Stash maintains a presence on several cybercrime forums, and its owners use those forums to remind prospective customers that millions of credit and debit card accounts are for sale.”
In 2020, major of its breaches, according to ZDNet, included —
- BLAZINGSUN (which compromised Dickey’s Barbecue Pit)
- NIRVANA (which compromised both Islands Fine Burgers & Drinks and Champagne French Bakery Cafe)
- BIGBADABOOM-III (which compromised Wawa)
Leave A Comment