US Federal Bureau of Investigation and Interpol officials have seized a small number of servers used by Joker’s Stash, the Internet’s largest marketplace for buying & selling stolen cards, temporarily disrupting the site’s activity.
Interpol sent a mail stating that the server seizures are an ongoing “coordinated police operational activity” but have not explained further.
Seizure banners appeared on four Joker’s Stash sites, at jstash.bazar, jstash.lib, jstash.emc, and jstash.coin.
These are websites that use top-level domains (TLDs) managed by Emercoin, a blockchain company. Records for these domains are stored inside a blockchain and cannot be transferred to anyone else without the domain owner’s cryptographic signature.
Irina Nesterovsky, Chief Research Officer at threat intel firm KELA, posted a message on an underground forum according to which one of the Joker Stash administrators confirmed the disruptions but said that law enforcement only seized the servers hosting the four domains, which only acted as proxies, redirecting users to the actual Joker’s Stash portal.
The Joker’s Stash operator said the domains would be restored on new servers within few days.
As per Intel 471 and Digital Shadows, the FBI & Interpol disruption attempt are regarded as “temporary.”
According to the Digital Shadows team, the seizure of the .bazar domain might not disrupt Joker’s Stash much as the team behind Joker’s Stash maintain several versions of the site and the site’s Tor-based links are still working normally.
JokerStash was one of the original proponents of moving dark web services to Blockchain technology. .
The Joker’s Stash portal has been operating since October 7, 2014, and often posts packs of stolen payment card details that can be used for both CP (card present) and CNP (card not present) fraudulent transactions.
In the past 1 year it has posted more than 35 million CP records and over 8 million CNP records.
They also advertise major breaches containing millions of records. This year some of its major breaches include BIGBADABOOM-III (which compromised Wawa), NIRVANA (which compromised both Islands Fine Burgers & Drinks and Champagne French Bakery Cafe), and BLAZINGSUN (which compromised Dickey’s Barbecue Pit).
The shop has estimated to have made hundreds of millions of dollars in illicit profits, even though this money also goes to the vendors themselves.
Image Credits : TechNadu