+ All Categories
Home > Technology > How the Stolen Credit Card Black Market Works

How the Stolen Credit Card Black Market Works

Date post: 17-May-2015
Category:

Technology
Upload: ken-westin
View: 1,192 times
Download: 4 times
Download Report this document
Share this document with a friend
Description:
With the Target data breach, many are wondering how criminals can profit from the use of the stolen credit cards. The card holders themselves will not be responsible for any of the charges, so how is it that criminals are able to make money from stolen credit cards? I have been involved with several cases where organized crime rings have been unveiled, many of these have had connections to Russian and Eastern European groups. These groups generate a significant profit through stolen property acquired through burglaries, shoplifting, identity theft, credit card skimming and carding. Many underestimate the complexity of some of these networks and the revenue they generate. In this talk I will discuss the stolen credit card market, how it fuels the exploit black market, online retail fraud and other nefarious activities.
33
How the Stolen Credit Card Black Market Works Ken Westin [email protected]
Transcript
Page 1: How the Stolen Credit Card Black Market Works

How the Stolen Credit Card Black Market WorksKen Westin

[email protected]

Page 2: How the Stolen Credit Card Black Market Works

I Have Put People In Jail

Page 3: How the Stolen Credit Card Black Market Works
Page 4: How the Stolen Credit Card Black Market Works

!SME!

Specialized !!

Brokers!Vendors!

General!members!(buyers)!Mules!(wi<ng!&!unwi<ng)!

Exploit & Malware Devs Technical

Money Mule ServicesService Providers

Money Mule ServicesService Providers

Evasion, anonymity, distance from crime

Page 5: How the Stolen Credit Card Black Market Works
Page 6: How the Stolen Credit Card Black Market Works

Roman Valerevich Seleznev

- Arrested Satruday on charges of hacking U.S. retailers 2009-2011 - Accused of stealing 200K credit card numbers - Generated $2M in profit

Page 7: How the Stolen Credit Card Black Market Works

Source: The Nilson Report, BI Intelligence

Credit Card Fraud Losses Bi

llions

0

7

14

2009 2010 2011 2012 2013

6.8

6.2

5.4

43.7 7.1

5.54.8

3.63.2

United States Rest of World

Page 8: How the Stolen Credit Card Black Market Works

Job Security for Credit Card Fraudsters Through 2015

EMV IN THE U.S.

201520132011 2012

August 2011 April 1, 2013

October 15, 2015

Liability for fraudulent transactions that have

not installed chip terminal goes to

merchant

Visa announces EMV initiatives through!TIP (Technology

Innovation Program)

Mastercard announces EMV

initiative & liability hierarchy

U.S. acquirers and processors must be able to support chip

transactions with dynamic auth

February 2012

October, 107

EMV liability shift for gasoline merchants

Page 9: How the Stolen Credit Card Black Market Works

EMV WON’T STOP CREDIT CARD FRAUD

0

100

200

300

400

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010

Card-not-present Counterfeit Lost/Stolen Card ID Theft Mail Non Receipt

ANNUAL FRAUD LOSSES ON U.K.-ISSUED CARDS IN £MILLIONS, 1999-2010

EMV Adopted

Cross-border counterfeit

Page 10: How the Stolen Credit Card Black Market Works

UK Credit Card Fraud 2001-2012

Page 11: How the Stolen Credit Card Black Market Works

Australia Credit Card Fraud 2001-2012

Page 12: How the Stolen Credit Card Black Market Works

- EMV would not have stopped Target breach

- But would decrease the value of the breached data

Page 13: How the Stolen Credit Card Black Market Works

STOLEN CREDIT CARD ECONOMY

Malware'Authors'

Network''Intruder'

Stolen'Credit'Cards'

Carding'

Stolen'Property'

Reshipping'

OrganizedCriminal

Syndicate

Malware/Tool

Authors

Stolen Credit Cards

& Data

Black POS: $1,800 - $2,300Citadel Trojan: $2,399 - $3,391

Page 14: How the Stolen Credit Card Black Market Works
Page 15: How the Stolen Credit Card Black Market Works

Initial Access Tools - Deliver payloads - Automate exploitation

- Exploit kit - Zero day

Payload Parts & Features - Create, customize,package & enhance payloads

- Botnet - Packers, Crypters - Obfuscation/Evasion

PayloadsMalicious behavior, destruction, denial,

degradation, deception, disruption, or data exfiltration

- Botnet for lease/sale

Enabling ServicesAssist finding targets to use an initial access tool and/or payload; attack vectors etc

- Phishing services - Watering holes

Full Services Provide full attack life cycle for hire

Hackers for hire, Doxing, Botnets for rent, DDoS

MALWARE & SERVICES

Page 16: How the Stolen Credit Card Black Market Works
Page 17: How the Stolen Credit Card Black Market Works

BLACK HOLE EXPLOIT KIT

“Paunch” Dmitry Evegeny Fedotov

- 1,000 customers - $500-$700 month fee - $50K month income - Purchased zero day exploits - $10K/month exploit kit - Paunch arrested Oct 2013

with 13 others

Page 18: How the Stolen Credit Card Black Market Works

STOLEN CREDIT CARD ECONOMY

Stolen Credit Card

OrganizedCriminal

Syndicate

Malware/Tool

Authors

Brokers Stolen

Credit Cards & Data

Page 19: How the Stolen Credit Card Black Market Works

RESCATOR

- 2.8 Million Cards @ $8-28 each

Andrey Hodirevski Source: http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/

http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/
Page 20: How the Stolen Credit Card Black Market Works
Page 21: How the Stolen Credit Card Black Market Works

http://carding2bil6j7ja.onion/login

Page 22: How the Stolen Credit Card Black Market Works

STOLEN CREDIT CARD ECONOMY

Malware'Authors'

Network''Intruder'

Stolen'Credit'Cards'

Carding'

Stolen'Property'

Reshipping'

Stolen Credit Card

Gift Cards

Fence Goods

OrganizedCriminal

Syndicate

Malware/Tool

Authors

Brokers Stolen

Credit Cards & Data

Page 23: How the Stolen Credit Card Black Market Works

Card encoder Embossing machine Tipping machine

COUNTERFEIT CARD TOOLS

Page 24: How the Stolen Credit Card Black Market Works
Page 25: How the Stolen Credit Card Black Market Works

- 69K counterfeit cards - 35K holographic stickers - 30K drivers licenses w/overlays - 36K shipments to “customers”

COUNTERFEIT eCOMMERCE

Page 26: How the Stolen Credit Card Black Market Works

STOLEN CREDIT CARD ECONOMY

Malware'Authors'

Network''Intruder'

Stolen'Credit'Cards'

Carding'

Stolen'Property'

Reshipping'

Stolen Credit Card

Gift Cards

Purchased & Stolen Property

OrganizedCriminal

Syndicate

Malware/Tool

Authors

Brokers Stolen

Credit Cards & Data

Reshipping

Black Market Deep Web

Pawn Shops Craigslist

eBay

Page 27: How the Stolen Credit Card Black Market Works

CREDIT CARD THEFT PART OF LARGER ECONOMY

Page 28: How the Stolen Credit Card Black Market Works

http://cstoreav7i44h2lr.onion/

Page 29: How the Stolen Credit Card Black Market Works

http://mhsaby5zjddolddv.onion

Page 30: How the Stolen Credit Card Black Market Works

Malware'Authors'

Network''Intruder'

Stolen'Credit'Cards'

Carding'

Stolen'Property'

Reshipping'

Stolen Credit Card

Gift Cards

Purchased & Stolen Property

OrganizedCriminal

Syndicate

Malware/Tool

Authors

Brokers Stolen

Credit Cards & Data

Reshipping

Black Market Deep Web

Pawn Shops Craigslist

eBay

STOLEN CREDIT CARD ECONOMY

Page 31: How the Stolen Credit Card Black Market Works
Page 32: How the Stolen Credit Card Black Market Works

Thank You!

Ken Westin [email protected]

@kwestin cybersecurity.io

http://dv8.io/1mpchdJ

mailto:[email protected]
http://dv8.io/1mpchdJ
Page 33: How the Stolen Credit Card Black Market Works

Recommended
Amplify Business Credit Card Conditions of Use. - … · Lost or stolen cards or PIN revealed or suspected unauthorised transactions 9 9. Credit limit 10 10. Using the card 10 11.

Amplify Business Credit Card Conditions of Use. - … · Lost or stolen cards or PIN revealed or suspected unauthorised transactions 9 9. Credit limit 10 10. Using the card 10 11.

Documents

Virtual PBX & VOIP servicesgenesissystem.com/new/wp-content/uploads/2019/03/CreditCardForm.… · Credit Card Type Credit Card Number Credit Card Expiration Date Credit Card Security

Virtual PBX & VOIP servicesgenesissystem.com/new/wp-content/uploads/2019/03/CreditCardForm.… · Credit Card Type Credit Card Number Credit Card Expiration Date Credit Card Security

Documents

Credit Card Defaults, Credit Card Profits, and Bankruptcy

Credit Card Defaults, Credit Card Profits, and Bankruptcy

Documents

FROM Experience life - SBI Credit Card Services Online · PDF file• Hotlist stolen/lost cards • Request for duplicate card statement E-Statement: Get your monthly e-statement delivered

FROM Experience life - SBI Credit Card Services Online · PDF file• Hotlist stolen/lost cards • Request for duplicate card statement E-Statement: Get your monthly e-statement delivered

Documents

InfoGraphic OWASP PaymentCarding v4 - Imperva · Mitigating OWASP Automated Threats COMBAT PAYMENT CARD ATTACKS WITH WAF AND THREAT INTELLIGENCE Online trafficking of stolen credit

InfoGraphic OWASP PaymentCarding v4 - Imperva · Mitigating OWASP Automated Threats COMBAT PAYMENT CARD ATTACKS WITH WAF AND THREAT INTELLIGENCE Online trafficking of stolen credit

Documents

Credit card payments incur a merchant service fee of 1.5% ... · Tanqueray No.10 14 78 degrees 13 RUMRUM Havana Club 3YO 10 Bundaberg 10 Stolen White 12 Stolen Gold 12 Stolen Smoked

Credit card payments incur a merchant service fee of 1.5% ... · Tanqueray No.10 14 78 degrees 13 RUMRUM Havana Club 3YO 10 Bundaberg 10 Stolen White 12 Stolen Gold 12 Stolen Smoked

Documents

Credit Card Frauds - policeuniversity.ac.in Rajesh... · • Cards are lost or stolen ... • Card information is copied • Duplicate cards are got issued by impersonation • SIM

Credit Card Frauds - policeuniversity.ac.in Rajesh... · • Cards are lost or stolen ... • Card information is copied • Duplicate cards are got issued by impersonation • SIM

Documents

Russian Hackers Charged in ‘Biggest’ Data Breach Case, 160 Million Credit Card Numbers Stolen

Russian Hackers Charged in ‘Biggest’ Data Breach Case, 160 Million Credit Card Numbers Stolen

Documents

JPMorgan Commercial Card SolutionsConsumer Credit and Commercial Card. ... Investigator will issue credit(s) for the fraud dollars to the old (lost/stolen) account to offset the initial

JPMorgan Commercial Card SolutionsConsumer Credit and Commercial Card. ... Investigator will issue credit(s) for the fraud dollars to the old (lost/stolen) account to offset the initial

Documents

(Read this Product Disclosure Sheet before you decide to ... › ... › credit-card › conventional › credit-car… · - you realise that your credit card has been lost, stolen,

(Read this Product Disclosure Sheet before you decide to ... › ... › credit-card › conventional › credit-car… · - you realise that your credit card has been lost, stolen,

Documents

Sony Hack - York University · credit card numbers Where Do Stolen Credit Card Numbers Go ? ways carders use stolen c. c. numbers print plastic card with the new number [ not effective

Sony Hack - York University · credit card numbers Where Do Stolen Credit Card Numbers Go ? ways carders use stolen c. c. numbers print plastic card with the new number [ not effective

Documents

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Documents

Avoiding a Cyber Catastrophe - Clearwaterclearwatercompliance.com/...a_Data_Breach_Disaster.pdf · • A credit card processing company had more than 130 million digital records stolen

Avoiding a Cyber Catastrophe - Clearwaterclearwatercompliance.com/...a_Data_Breach_Disaster.pdf · • A credit card processing company had more than 130 million digital records stolen

Documents

Ch 1: Introducing Windows XP - samsclass.info · Web viewTJX Companies, Inc. had 45 million customer credit card and debit card numbers stolen because they used poor wireless security

Ch 1: Introducing Windows XP - samsclass.info · Web viewTJX Companies, Inc. had 45 million customer credit card and debit card numbers stolen because they used poor wireless security

Documents

ProPay Credit Card Processing Guide · ProPay Credit Card Processing Guide Tabs3 ProPay Credit Card Processing Guide ...

ProPay Credit Card Processing Guide · ProPay Credit Card Processing Guide Tabs3 ProPay Credit Card Processing Guide ...

Documents

OCBC Credit Cards...wallet is lost or stolen. A simple call to CPP 24-hour lost/stolen cards hotline and all your cards (credit card, debit card and ATM card) will be cancelled to

OCBC Credit Cards...wallet is lost or stolen. A simple call to CPP 24-hour lost/stolen cards hotline and all your cards (credit card, debit card and ATM card) will be cancelled to

Documents

Cybercrime and the Deep Web - Trend Micro underground, it primarily sells fake/stolen documents and credentials (fake driver’s licenses and passports, stolen credit card and other

Cybercrime and the Deep Web - Trend Micro underground, it primarily sells fake/stolen documents and credentials (fake driver’s licenses and passports, stolen credit card and other

Documents

THE CASE OF THE STOLEN DEREK JETER CARD

THE CASE OF THE STOLEN DEREK JETER CARD

Documents