BriansClub is a black market site that deals in stolen credit card details. The site uses data-grabbing malware to steal card numbers. These details are then encoded on a magnetic strip, which can be used to make counterfeit cards. It can also be sold to other criminals who can then conduct financial fraud. BriansClub is one of the biggest underground stores for buying stolen credit card information.
A number of sources have confirmed that BriansClub has been breached. The CC AVC scene is likely to suffer a reputational hit from this attack. This may affect the sale of stolen card data on the Internet. As of April 2018, the BriansClub Web site had uploaded nearly eight million records for sale.
This is not the first time that brians club has been hacked. An anonymous source reported that 26 million cards were stolen between mid-2015 and August 2019. However, the identity of the hacker is unknown.
While the cybercriminal community is aware of the threat posed by BriansClub, the attacker has yet to be identified. One possibility is that the attacker combines two approaches: one is to buy or sell the stolen data in cybercriminal forums, and the other is to use the data for fraudulent purchases.
The attack may have a significant impact on the Dark Web landscape. BriansClub has only been able to sell 9.1 million stolen cards in the last year, which means it has lost a major opportunity to make money by selling stolen cards. Since 2010, BriansClub has sold $414 million worth of credit and debit cards, which is more than enough to earn the cybercriminal owner an estimated $500 per card.
BriansClub’s owner has not yet responded to multiple requests for comment. During the investigation of the BriansClub hack, an operator at the site said that Mr. Green had been banned from the forum.
KrebsOnSecurity first reported the briansclub cm hack. According to their report, a source has shared a plain text file with them that contains a full database of cards for sale through BriansClub. This includes a list of all cards currently on the site. In addition to this, the file includes a string of bits-per-inch encoded data.
According to an analysis of the data, the majority of the stolen cards are data dumps. These are strings of ones and zeros that are encoded on a magnetic strip. The site sells these data strings for use in online fraud. To purchase a string of the stolen card information, a user needs to create an account. They then must deposit an initial balance within five days. If the balance is not deposited, the account will be deleted.
After reviewing the BriansClub archive, security intelligence firm Flashpoint estimates that BriansClub had $414 million in stolen credit cards on hand. This figure represents about one-third of the total number of cards in circulation on the dark web. Therefore, it is not surprising that BriansClub is one of the most popular shops for purchasing stolen card data on the Dark Web.
