Famous IB journalist Brian Krebs reported about hacking BriansClub (BriansClub (.) at) carding resource on which stolen bank cards were bought and sold, and a large data leak from there. The data stolen from BriansClub contains more than 26 million credit and debit card entries that fell into the hands of attackers through hacked online stores and retail outlets over the past four years. Nearly eight million records were uploaded in 2019 alone.
Krebs says that the creators of BriansClub have been trolling him for quite some time: they use the face of a journalist in their advertising banners, and the website’s “footer” contains a strange copyright message: “© 2019 Crabs on Security”, which clearly hints at Krebs’s personal blog – KrebsOnSecurity.
A dump containing information about 26 million bank cards, Krebs provided his own source, sending it in a simple text file format. Several people who studied this database at the request of a journalist confirmed that paid BriansClub members can find the same entries on the trading floor, but in a more edited form. According to Krebs, about 14 million cards from this dump can still be valid.
The researcher has already transferred all the information received to his own sources, which work closely with financial institutions so that they can identify, track or re-issue cards of affected users.
After investigating the leak, Krebs concluded that at the beginning of their activity, in 2015, BriansClub put up for sale 1.7 million cards, but the fraudsters business was developing rapidly: in 2016, 2.89 million stolen cards were uploaded to BriansClub, in 2017 about 4.9 million cards were added; and 2018 brought another 9.2 million. Between January and August 2019 (when, apparently, a dump was made), approximately 7.6 million more cards were added to BriansClub.
According to Flashpoint's analysis, BriansClub kept stolen bank card information worth about $ 414 million, based on price levels on the website. Between 2015 and 2019, about 9.1 million stolen cards were sold at BriansClub, which brought the resource about $ 126 million (all payments were made in cryptocurrency). Thus, potential losses could amount to up to 4 billion US dollars, if we rely on statistics from the US Department of Justice and assume that the average loss per bank card in such cases is about 500 US dollars.
The BriansClub operators contacted by the journalist agreed to talk and said that the leak was due to a hack in the data center, as well as caustically asking Krebs not to worry, because all the stolen data had already been withdrawn from sale. Flashpoint experts conducted their own verification and claim that the attackers are cunning and that the leaked data was not deleted from the site.