Breach alert in South Korea after 1m card details were put up for sale online

[Figure: South Korea card dump spike. Volume of South Korean-issued records added to the dark web. Image: Gemini Advisory]

Authorities and companies in South Korea should be scrambling by now to track down a major card breach after the details of more than one million payment cards were put up for sale online over the past two months.

Details for 890,000 and 230,000 payment cards were put up for sale on a hacking forum in July and June, respectively, cyber-security researchers from Gemini Advisory have told ZDNet today.


Source of the breach unidentified

The source of these payment card details has not yet been identified, researchers said. Because the card records only contained CP (Card Present) details, web-based skimmers (Magecart scripts) installed on online stores are automatically ruled out.

Possible sources from which crooks may have obtained the card records include (1) malware installed on Point-of-Sale (PoS) systems at stores or restaurants; (2) a breach at a bank, payment provider, or PoS company; or (3) card skimmer devices installed on ATMs or PoS terminals.

However, because EMV cards are widely adopted in South Korea, the third source seems very unlikely.

Cards from South Korea and APAC countries are in high demand

The Gemini team also points out that there was high demand for South Korean card data on cybercrime forums before this recent dump, which might have prompted cybercrime groups to go after South Korean targets, indirectly causing the current breach.

This high demand also explains why crooks are selling this payment card dump at a higher price than before.

“The median price per record from this spike is $40 USD, which is significantly higher than the median price of South Korean CP records across the dark web overall, which is approximately $24 USD,” Gemini researchers said in a report published today and shared with ZDNet. “This sudden influx in card supply may be highly priced in an attempt to capitalize on the growing demand.”

[Figure: South Korean card details. Image: Gemini Advisory (supplied)]

In an email to ZDNet, Christopher Thomas, a security researcher with Gemini Advisory, explained why cybercriminal groups have been focusing on South Korea, and the Asia-Pacific region as a whole, in recent years.

“The demand for payment card data issued by the APAC banks has always been high,” Thomas told ZDNet. “Since many of these financial institutions have less sophisticated antifraud systems than their Western counterparts, cybercriminals learned that the return on investment for APAC cards is much higher when compared to North American cards.

“Disturbingly enough, it appears that hackers have learned that South Korean payment infrastructure is especially vulnerable to attacks, which resulted in the massive breach that is currently unfolding,” Thomas added.

Source of the breach won’t stay a mystery for long

This entire case is similar to a report from February this year, when security researchers from Group-IB found card records for 2.15 million US citizens on an underground carding forum.

A month later, that card dump was linked to a breach at Earl Enterprises, a US company that owns several restaurant chains such as Planet Hollywood and Earl of Sandwich, which admitted to hackers breaching its IT network and planting PoS malware at various restaurants.

For now, the mystery of where these South Korean card details came from remains unsolved. However, it won't remain a mystery for much longer.

As card-cloning groups start buying and using the cards, owners will start reporting fraudulent activity, and authorities will eventually track down the common payment handler in all of the victims’ reports.
