The US Federal Bureau of Investigation (FBI) and Interpol have
allegedly seized proxy servers used in connection with
blockchain-based domains belonging to Joker’s Stash, a notorious
carding bazaar known for selling compromised payment card data
through underground forums.
The takedown happened[1]
last week on December 17.
The operators of Joker’s Stash run several versions of the
platform: four blockchain-DNS domains[2] (.bazar, .lib, .emc and
.coin) that act as proxies, redirecting visitors to the actual
website, plus two Tor (.onion) variants.
Joker’s Stash adopted blockchain DNS[3] in 2017, with the domains
reachable through a Chrome browser extension[4] that resolves them.
Such sites rely on a decentralized DNS: top-level domains like
.bazar are not controlled by a single central authority, and the
name records are stored in a blockchain replicated over a
peer-to-peer network rather than held by a DNS provider, which gives
operators the kind of takedown resistance usually associated with
bulletproof hosting[5].
This also means the action is not expected[6] to have a lasting
impact. Neither the domain nor the top-level domain it sits under
can be seized; only the server at the IP address the record
currently points to can be, and the record’s owner can simply
repoint it at a new server.
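For defenders, the practical consequence of the above is that a query for a blockchain TLD is itself a signal worth flagging, whatever IP the name currently resolves to. The following is an added example, not code from the article or from Digital Shadows: it scans constructed resolver log lines (the log format, client addresses and hostnames are assumptions made for the example) and flags queries whose rightmost label is one of the EmerDNS TLDs named above. It generalizes slightly beyond the text by also listing Namecoin’s .bit, and it deliberately ignores names like `notreally.coin.example.com`, where the TLD only appears as an inner label.

```python
"""Flag DNS queries for blockchain-based TLDs in (constructed) resolver logs.

Added example; the log format and all sample data below are invented
for illustration and do not come from the article.
"""
import re
from collections import Counter

# The four TLDs named in the article (.bazar, .lib, .emc, .coin) are
# served by EmerDNS. ".bit" (Namecoin) is an addition not mentioned on
# the page, included as a generalisation of the same check.
BLOCKCHAIN_TLDS = {
    "bazar": "EmerDNS",
    "lib": "EmerDNS",
    "emc": "EmerDNS",
    "coin": "EmerDNS",
    "bit": "Namecoin",  # assumption: not on the page
}

# Assumed line format: "<timestamp> <client_ip> query: <qname> <qtype>"
# This is a constructed format, not any particular resolver's log syntax.
LOG_LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+query:\s+(?P<qname>\S+)\s+(?P<qtype>\S+)$"
)

# Constructed sample log: one client probing all four EmerDNS TLDs,
# plus ordinary names and one decoy with "coin" as an inner label.
SAMPLE_LOG = """\
2020-12-17T10:00:01Z 10.0.0.5 query: www.example.com. A
2020-12-17T10:00:02Z 10.0.0.7 query: jstash.bazar. A
2020-12-17T10:00:03Z 10.0.0.7 query: jstash.lib A
2020-12-17T10:00:04Z 10.0.0.9 query: mail.corp.local. MX
2020-12-17T10:00:05Z 10.0.0.7 query: jstash.emc. AAAA
2020-12-17T10:00:06Z 10.0.0.11 query: notreally.coin.example.com. A
2020-12-17T10:00:07Z 10.0.0.7 query: JSTASH.COIN. A
this line is garbage and must not crash the parser
"""


def blockchain_provider(qname):
    """Return the naming system behind qname's TLD, or None for ordinary names.

    Only the rightmost label counts: a trailing dot and case are
    normalised, and a blockchain TLD appearing as an inner label is not
    a match.
    """
    name = qname.rstrip(".").lower()
    if not name:
        return None
    tld = name.rsplit(".", 1)[-1]
    return BLOCKCHAIN_TLDS.get(tld)


def flag_blockchain_queries(log_text):
    """Parse log lines; return (client, qname, provider) for blockchain-TLD queries."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than abort the scan
        provider = blockchain_provider(m["qname"])
        if provider:
            hits.append((m["client"], m["qname"].rstrip(".").lower(), provider))
    return hits


def clients_by_hits(hits):
    """Count flagged queries per client, to surface the hosts worth triaging."""
    return Counter(client for client, _, _ in hits)


if __name__ == "__main__":
    flagged = flag_blockchain_queries(SAMPLE_LOG)
    for client, qname, provider in flagged:
        print(f"{client} queried {qname} ({provider} TLD)")
    print(clients_by_hits(flagged))
```

One caveat: a public recursive resolver answers NXDOMAIN for these TLDs because they are not in the ICANN root, so the query appears in your logs only when a client hands the name to the system resolver. A browser extension of the kind described above resolves such names out of band, so resolver logs will miss clients using it; proxy or egress logs are the complementary place to look.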
According to cybersecurity firm Digital Shadows, which disclosed
the development, the Tor versions of the site are still accessible,
meaning this action is unlikely to pose a major threat to their
operations.
The actors behind Joker’s Stash took to Russian-language carding
forum Club2CRD stating that no card dumps were stored on the
servers and transition plans were already underway to move the
content hosted on the busted site to a new blockchain version of
the portal.
“I am setuping (sic) and moving to the new servers right now,
blockchain links will [be] back to back to work in a few days,” the
site’s representative said in a forum post, adding “use Tor links,
bros!”
Interestingly, it is not immediately clear whether law
enforcement agencies are indeed behind the coordinated
takedown.
Although last week the affected .bazar version of the site
began displaying a notice that the US Department of Justice and
Interpol had seized it, Digital Shadows said the four
blockchain sites are now showing a “Server Not Found” banner.
Joker’s Stash is particularly infamous for advertising the
breach of US-based convenience store chain Wawa last December[7], with the hackers
putting up for sale the payment card details of more than 30
million Americans and over one million foreigners.
“The seizure of the .bazar domain likely will not do much to
disrupt Joker’s Stash, especially since the team behind Joker’s
Stash maintain several versions of the site and the site’s
Tor-based links are still working normally,” Digital Shadows
said.
“Furthermore, Joker’s Stash maintains a presence on several
cybercrime forums, and its owners use those forums to remind
prospective customers that millions of credit and debit card
accounts are for sale.”
References
[1] happened (www.digitalshadows.com)
[2] Blockchain proxy server domains (blockchain-dns.info)
[3] Blockchain DNS (www.digitalshadows.com)
[4] Chrome browser extension (www.recordedfuture.com)
[5] bulletproof hosting (thehackernews.com)
[6] not expected (intel471.com)
[7] last December (krebsonsecurity.com)