Darkweb credit card marts in decline across Asia, researchers claim
India tops the charts for document theft
The number of stolen Asian credit card numbers appearing on darkweb crime marts has fallen sharply, cyber security firm Group-IB told Singapore's ATxSG conference on Thursday.
Instead, the region's bad guys have escalated their attempts to steal corporate documents – with India the prime target across the region.
The researchers spotted crims using botnets to lift 3,249,318 records from Indian orgs in 2023, with entities in the nation also suffering compromise of 413 corporate accounts. Indonesia scored second place on the compromised docs chart after 1,950,951 botnet burglaries. Vietnam came in second on the count of compromised accounts, with 322 corporate account cracks.
Out of 100 detected APAC company data breaches Group-IB detected that brought in over 81 million records, 34 were from India and 22 from Indonesia. Taiwan came in third place with a mere 6. Data breaches in APAC are on the rise, experiencing a 27 percent year-on-year increase.
And out of 29 million compromised accounts found on sale on the dark web, over 12 million featured top level domains related to India. Indonesia came in second place with nearly 4.4 million. The bulk of the accounts were offered on Russianmarketshop (85 percent) and nabbed using Raccoon stealer (73 percent).
Group-IB’s business development director Kamo Basentsyan said it is easy to understand why India, Indonesia and Vietnam are targeted - they're large nations and heavy users of infotech. But that doesn't mean other countries are not targets.
- Browser extension developers targeted with schemes and scams
- Crims steal data on 40 million T-Mobile US customers
- Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
- Microsoft says share the wealth with cyber-info for business
India did not top Group-IB's list of nations where malware slung by malicious Android overlay vendor InTheBox is prevalent. Australia took the lead in this category with 34 mobile apps, followed by India with 33. Third and fourth place were Japan (23) and Singapore (21).
InTheBox mostly facilitates banking malware, so targeting wealthier countries like Japan, Singapore and Australia, means criminals earn more for their efforts.
Group-IB found dark web credential marts had more corporate account cracks, and credit cards, sourced from China than any other nation in the region.
The Singaporean infosec firm reported its found text and data dumps containing over 213,000 APAC credit cards on sale so far in 2023, a number that is 10 times less than the amount of cards in the same period in 2022.
Over 62,000 were Australian credit cards, followed by over 29,000 from China.
A decline of credit cards on sale on the dark web while data breaches are on the rise could be interpreted as a further shifting of criminal business model away from targeting individuals and toward the potentially more lucrative targets represented by businesses, governments, and other entities.
Group-IB is the cybersecurity firm behind the discovery of suspected nation-state-sponsored cyber-espionage group Dark Pink, which was announced this year. The group has recently expanded it targets to include, among other places, India. ®