Stolen Credit Card Details Leaked on Black's Stash Marketplace

Post Views: 9

The Release of 4.6 Million Stolen Credit Cards by Black’s Stash

The notorious B1ack’s Stash dark web carding marketplace has made public its decision to release 4.6 million stolen credit cards, following the suspension of 8 million stolen CVV2 records due to policy violations.

This move comes as a result of sellers reselling card data purchased from B1ack’s Stash on competing platforms, violating the marketplace’s policies.

Details of the Released Data

The released data includes:

Full card numbers
Expiration dates
CVV2 codes
Cardholder names
Billing addresses
IP addresses

According to SOCRadar, they have validated the authenticity of some of the records and found that 4.3 million records appear to be new and potentially usable for illicit activities.

Geographic Distribution of the Leaked Records

Approximately 70% of the cards are from the US, while other countries include:

Canada
UK
France
Malaysia

This global distribution suggests that the dataset is not limited to a single regional operation, but rather draws from multiple skimming or phishing campaigns targeting English-speaking and high-purchasing-power markets.

Expected Consequences of the Released Records

The released cards are expected to fuel card-not-present (CNP) fraud activities, including illicit online purchases.

The accompanying information may also enable cybercriminals to:

Open fraudulent accounts
Apply for credit
Launch convincing phishing attacks

The richness of the leaked records poses significant risks, extending beyond simple card fraud to encompass potential identity theft and other malicious activities.

Implications and Recommendations

This development underscores the ongoing threat posed by dark web marketplaces and the need for continued vigilance in combating these illicit activities.