BriansClub Has Been Target of a Hack

Page 1

BriansClub is an underground black market store that offers stolen credit card data for sale. It is one of the largest and most prominent sources of such information, and it has been the target of a recent hack that has raised serious concerns about the security of the site. While the source of the hack is unknown, the data is still available for purchase. According to security intelligence firm Flashpoint, BriansClub has $414 million worth of cards in its inventory. However, only 9.1 million of those cards have been sold in the past year. The remaining 14 million are unexpired. This makes


the total amount of stolen credit cards that have been sold by BriansClub between 2015 and 2019 about $126 million. BriansClub's business model is to resell stolen credit card data to online fraudsters. The company has received at least 26 million records of stolen payment details over the past four years, according to the company's own estimates. They sell these "dumps" to online buyers for a fee, and the amount of revenue that the company generates from each sale is unknown. The information is encoded on a magnetic strip and can be used to make counterfeit payments cards. When the data is hacked, it can also be used for credit-card-present fraud. One of the ways that this happens is by skimming cards, or by inserting the numbers into a computer's memory. Other types of card-present fraud can occur when a person's identity is stolen and used to create fraudulent accounts. BriansClub claims to support online sales and auctions. The site is also available for loaning money, and offers a variety of discounts for regular users. In addition, the site offers free gifts and prizes to customers. To use these services, you'll need an account. Those who have an account can access the s ite and bid on items, and get discounts based on volume. A login will also allow you to


change your PIN and DOB, which are necessary to approve larger transactions. You'll also need to set up a jabber account to view the site. A source told KrebsOnSecurity that the company's database had been hacked. The hack is believed to have occurred in the early part of the year. Another source claimed to have a plain text file containing a full database of cards for sale through the BriansClub site. That's a lot of cards. The source claims to have had the company's database compromised, and then shared it with multiple banks and financial institutions. The data was then reviewed by Krebs. He verified that the information was legitimate, and that the source was not a cybercriminal. During the review, the source also informed BriansClub that the stolen data would not be posted on the site for at least five days. After the data was reported, BriansClub began to modify its web pages. These modifications included doctored images of personal information, which were found on the site's homepage.


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.