how the stolen credit card black market works
DESCRIPTION
With the Target data breach, many are wondering how criminals can profit from the use of the stolen credit cards. The card holders themselves will not be responsible for any of the charges, so how is it that criminals are able to make money from stolen credit cards? I have been involved with several cases where organized crime rings have been unveiled, many of these have had connections to Russian and Eastern European groups. These groups generate a significant profit through stolen property acquired through burglaries, shoplifting, identity theft, credit card skimming and carding. Many underestimate the complexity of some of these networks and the revenue they generate. In this talk I will discuss the stolen credit card market, how it fuels the exploit black market, online retail fraud and other nefarious activities.TRANSCRIPT
How the Stolen Credit Card Black Market WorksKen Westin
I Have Put People In Jail
!SME!
Specialized !!
Brokers!Vendors!
General!members!(buyers)!Mules!(wi<ng!&!unwi<ng)!
Exploit & Malware Devs Technical
Money Mule ServicesService Providers
Money Mule ServicesService Providers
Evasion, anonymity, distance from crime
Roman Valerevich Seleznev
- Arrested Satruday on charges of hacking U.S. retailers 2009-2011 - Accused of stealing 200K credit card numbers - Generated $2M in profit
Source: The Nilson Report, BI Intelligence
Credit Card Fraud Losses Bi
llions
0
7
14
2009 2010 2011 2012 2013
6.8
6.2
5.4
43.7 7.1
5.54.8
3.63.2
United States Rest of World
Job Security for Credit Card Fraudsters Through 2015
EMV IN THE U.S.
201520132011 2012
August 2011 April 1, 2013
October 15, 2015
Liability for fraudulent transactions that have
not installed chip terminal goes to
merchant
Visa announces EMV initiatives through!TIP (Technology
Innovation Program)
Mastercard announces EMV
initiative & liability hierarchy
U.S. acquirers and processors must be able to support chip
transactions with dynamic auth
February 2012
October, 107
EMV liability shift for gasoline merchants
EMV WON’T STOP CREDIT CARD FRAUD
0
100
200
300
400
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010
Card-not-present Counterfeit Lost/Stolen Card ID Theft Mail Non Receipt
ANNUAL FRAUD LOSSES ON U.K.-ISSUED CARDS IN £MILLIONS, 1999-2010
EMV Adopted
Cross-border counterfeit
UK Credit Card Fraud 2001-2012
Australia Credit Card Fraud 2001-2012
- EMV would not have stopped Target breach
- But would decrease the value of the breached data
STOLEN CREDIT CARD ECONOMY
Malware'Authors'
Network''Intruder'
Stolen'Credit'Cards'
Carding'
Stolen'Property'
Reshipping'
OrganizedCriminal
Syndicate
Malware/Tool
Authors
Stolen Credit Cards
& Data
Black POS: $1,800 - $2,300Citadel Trojan: $2,399 - $3,391
Initial Access Tools - Deliver payloads - Automate exploitation
- Exploit kit - Zero day
Payload Parts & Features - Create, customize,package & enhance payloads
- Botnet - Packers, Crypters - Obfuscation/Evasion
PayloadsMalicious behavior, destruction, denial,
degradation, deception, disruption, or data exfiltration
- Botnet for lease/sale
Enabling ServicesAssist finding targets to use an initial access tool and/or payload; attack vectors etc
- Phishing services - Watering holes
Full Services Provide full attack life cycle for hire
Hackers for hire, Doxing, Botnets for rent, DDoS
MALWARE & SERVICES
BLACK HOLE EXPLOIT KIT
“Paunch” Dmitry Evegeny Fedotov
- 1,000 customers - $500-$700 month fee - $50K month income - Purchased zero day exploits - $10K/month exploit kit - Paunch arrested Oct 2013
with 13 others
STOLEN CREDIT CARD ECONOMY
Stolen Credit Card
OrganizedCriminal
Syndicate
Malware/Tool
Authors
Brokers Stolen
Credit Cards & Data
RESCATOR
- 2.8 Million Cards @ $8-28 each
Andrey Hodirevski Source: http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/
http://carding2bil6j7ja.onion/login
STOLEN CREDIT CARD ECONOMY
Malware'Authors'
Network''Intruder'
Stolen'Credit'Cards'
Carding'
Stolen'Property'
Reshipping'
Stolen Credit Card
Gift Cards
Fence Goods
OrganizedCriminal
Syndicate
Malware/Tool
Authors
Brokers Stolen
Credit Cards & Data
Card encoder Embossing machine Tipping machine
COUNTERFEIT CARD TOOLS
- 69K counterfeit cards - 35K holographic stickers - 30K drivers licenses w/overlays - 36K shipments to “customers”
COUNTERFEIT eCOMMERCE
STOLEN CREDIT CARD ECONOMY
Malware'Authors'
Network''Intruder'
Stolen'Credit'Cards'
Carding'
Stolen'Property'
Reshipping'
Stolen Credit Card
Gift Cards
Purchased & Stolen Property
OrganizedCriminal
Syndicate
Malware/Tool
Authors
Brokers Stolen
Credit Cards & Data
Reshipping
Black Market Deep Web
Pawn Shops Craigslist
eBay
CREDIT CARD THEFT PART OF LARGER ECONOMY
http://cstoreav7i44h2lr.onion/
http://mhsaby5zjddolddv.onion
Malware'Authors'
Network''Intruder'
Stolen'Credit'Cards'
Carding'
Stolen'Property'
Reshipping'
Stolen Credit Card
Gift Cards
Purchased & Stolen Property
OrganizedCriminal
Syndicate
Malware/Tool
Authors
Brokers Stolen
Credit Cards & Data
Reshipping
Black Market Deep Web
Pawn Shops Craigslist
eBay
STOLEN CREDIT CARD ECONOMY