Selling Stolen Credit Cards Is Still a Thing | WhoisXML API

Threat Reports

Selling Stolen Credit Cards Is Still a Thing

Monetary gain is a primary goal for almost any cybercriminal. And one of the ways they go about earning money without investing a dime is by stealing credit card details.1 In fact, peddling stolen credit card numbers with their corresponding CVVs in underground markets can earn operators millions.2

WhoisXML API threat researcher Dancho Danchev used 19 domains identified as credit card theft indicators of compromise (IoCs) as starting points for an in-depth investigation that found:

  • 10 unredacted email addresses used to register the domains via their historical WHOIS records
  • 40+ IP addresses to which the domains identified as IoCs resolved
  • 1,000+ domains possibly connected to the threat since they shared the IoCs’ registrant email addresses and IP hosts

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1] https://www.forbes.com/sites/symantec/2015/01/06/stolen-data-in-underground-markets-whats-your-info-worth/
  • [2] https://www.trendmicro.com/vinfo/us/security/special-report/cybercriminal-underground-economy-series/global-black-market-for-stolen-data/
Try our WhoisXML API for free
Get started