Hacker Sold 330,000 Credit Cards and 895,000 Gift Cards on the Dark Web

  • A Russian-speaking cybercriminal has sold two big and valuable card packs on the dark web.
  • The seller is a notorious and pretty prolific actor who sells packs containing the PII of Americans.
  • The entity that suffered the breach which resulted in the leak is ‘Cardpool.com.’

E-gift cards falling into the hands of malicious individuals who then sell them for a profit isn’t anything new. However, when a huge batch like that one spotted by Gemini Advisory recently is sold, it’s worth looking into it more thoroughly. According to the relevant report, in February 2021, someone sold 895,000 stolen gift cards for a buy-now price of only $20,000.

Following a successful transaction, the same cybercriminal sold 330,000 payment cards with full cardholder name details, CVV codes, expiration date, card number, bank name, etc. That second batch was sold for just $15,000, and it was purchased within a couple of days.

Following an analysis of the data that was offered for purchase, Gemini Advisory concluded that the credit cards came from a breach on the online gift card shop ‘Cardpool.com.’ The evidence suggests that the breach lasted between February 4, 2019, and August 4, 2019, a period during which the actors were actively exfiltrating card details, probably by means of a skimmer planted on the now-defunct platform. About 85% of the visitors of Cardpool.com were residents of the United States, so the recently sold card set mainly affects Americans.

Source: Gemini Advisory

The seller chose not to disclose the source of the gift cards. Still, the listing mentions 3,000 brands, including Airbnb, Amazon, American Airlines, Chipotle, Dunkin Donuts, Marriott, Nike, Subway, Target, and Walmart. The total redemption value of the entire gift card package is estimated to be $38,000,000, which is nowhere near the selling price.

Possibly, the actor stole these cards directly from the database of Cardpool.com after gaining access to the backend of the platform. Gemini believes this is also another possible explanation of how credit card CVV data was exfiltrated, too, if a skimmer wasn’t used after all.

The criminal appeared to be well-versed with the Russian language, and according to the researchers, the user is very active on top and mid-tier dark web forums since 2010. He has previously sold stolen card data, entire database dumps, and the PII of United States residents, so he seems to have a preference or focus if you like.

We have recently advised you not to buy gift cards from online shops, especially right before or during holidays when the hacking activity spikes. The sector is just too vulnerable and generally untrustworthy, so it’s really not worth risking your credit card details. The Cardpool.com incident is just another case that highlights the fact.



How to Watch Formula 1 Without Cable in 2021: Live Stream F1 Grand Prix Anywhere!

The 2021 Formula 1 World Championship is nearly underway, and we're excited to see the big names on the circuit once more,...

How to watch NFL Draft 2021 Without Cable: Date, Time, Schedule, Pick Order, Location, Mock Drafts

The 2021 NFL Draft is almost upon us, and soon the top prospects in the world of football will know where they...

How to Watch NHL 2021 Without Cable – Live Stream Hockey Online from Anywhere

The 2021 NHL season is here, and it ongoing after getting a dodgy start. The 104th season of the National Hockey League...