https://www.cyberscoop.com/jokers-stash-data-breach-recorded-future/
By Jeff Stone
CYBERSCOOP
October 24, 2019
If it’s possible to describe a cybercriminal marketplace as “reputable” while
maintaining a straight face, then Joker’s Stash fits the description as well as
any other.
The site has emerged in recent years as a destination for scammers who buy and
sell credit card information stolen after data breaches from victims including
the Hy-Vee supermarket chain, Sonic Drive-In and others. Now, the site has
expanded to include an array of personal information on high-value targets,
including members of the Trump administration, as part of an evolution toward
making illicit transactions more user friendly, according to research published
Thursday by threat intelligence firm Recorded Future.
It’s also available without the use of Tor, the well-known anonymity software
that unlocks websites not accessible with mainstream web browsers.
Researchers who explored Joker’s Stash following reports that information
stolen from Hy-Vee had been made available also found a new section dedicated
entirely to Social Security numbers, which personal details available for $5
per record and searchable by name, birth date, or victim location. The
expansion came amid a new marketing campaign, with Joker’s Stash operators
advertising the site on Twitter, Reddit, and other carding forums. (Those
advertisements don’t appear to have generated much attention, as the Joker’s
Stash Twitter page has a mere eight followers and few, if any, interactions.)
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
