Open Source Intelligence

 

Goldendumps is an active underground carding seller offering stolen credit card information. As a caution to small business owners and operators, this underground forum exposes the risks of bad actors stealing credit card information through network intrusions or point of sale (POS) interception.

Wapack Labs discovered GoldenDumps (GD) through their clear web marketplace and forum called Prvtzone. The Prvtzone marketplace mainly sells stolen credit cards, specifically American Express and Discover credit card information. The seller is identified as "Goldendumps," who sells credit cards for $17-$20 USD. The site was formed on 2 September 2017 and is still active. Users can create a free account to access Prvtzone. From there, users can take part in the forum to share collection and selling methods, or shop in the marketplace. The shop employs various vendors selling a variety of products. GD's operation includes other websites that are used for its carding and dumping business. GD also includes a Jabber instant message address and has an active Tor[1] website.

General Delivery

Users must contact GD via Jabber or other private sites to negotiate prices on dumps/CVV and other credit card information. This is where the sales take place.

Mitigation

Always be vigilant for phishing attempts that employ social engineering schemes to enter your network. Never open suspicious or questionable e-mails that appear out of place. As an individual, always be careful when using your credit card at point of sale (POS) devices. These are two ways in which malicious actors obtain credit card information for sale on underground forums such as Prvtzone and by the malicious seller GoldenDumps.

 

[1] Tor is free software for enabling anonymous communication. The name is derived from an acronym for the original software project name, "The Onion Router".


Comments

  • I will search CTAC for indicators