11th April 2021, Kathmandu
Until recently, the carding store Swarmshop was a popular, illicit online market where cybercriminals could go to sell and purchase stolen credit cards and banking data. However, the store’s luck may have run out—and it may have taken a little of your luck with it.
On March 17, 2021, a huge cache of the site’s user and administrator data was leaked online to a different underground forum, a new report published Thursday by threat research firm Group-IB (a global cyber threat intelligence company) shows.
While it’s unclear exactly who stole this data, how, or when, what we do know is that there is a lot of it. The leak exposed thousands of data points, including information on four of the site’s administrators, 90 “sellers,” and 12,250 “buyers.” The dump included criminals’ “nicknames, hashed passwords, account balance, and contact details for some entries,” the researchers write.
Interestingly, Swarmshop was targeted by fellow cybercriminals earlier in January 2020 as well. And the same story had played out. The card shop’s records were leaked on an underground forum by a user likely motivated by revenge.
