On February 15, 2021, after nearly 6.5 yrs running a business, the prolific card store Joker?s Stash closed its doors. Those behind the shop, which had been a pillar of the cybercriminal underground for a long time, announced that they have been retiring, reminding their fellow fraudsters within their farewell message that ?the most truly valuable stuff in this life are free.?
While card shops have already been a fe-acc18.ru login staple of the underground for years, few have managed to achieve the amount of prominence that Joker?s Stash loved. The shop was frequented by consumers from all over the world ? the site was obtainable in English and was marketed heavily on many Russian-language community forums ? and cultivated ties with famous cybercriminal gangs such as for example FIN7 and Anunak (also known as Carbanak), which supplied the go shopping?s inventory.
The past year had not been an easy one for the crew behind Joker?s Stash, on the other hand. In October, an associate of the gang posted that they had been recently hospitalized with COVID-19, and in December the store?s blockchain DNS domains temporarily displayed a police seizure notice, an incident that is still somewhat unexplained. To top rated it off, many criminals had been complaining about a decline in the grade of cards given by Joker?s Stash in the last several months.
On January 15, 2021, Joker?s Stash announced their imminent closure on various underground channels. The site?s administrators opted to give their clients a 30-time notice so as to spend any remaining balance they could have on the website. On February 15, 2021, the lights turned off and the gang went residence.
In this blog, Blueliv analysts investigate the existing card shop ecosystem, from effective shops that may grow in the vacuum left by Joker?s Stash?s withdrawal as well as other recently shuttered card shops.
FERum Shop ? sometimes generally known as FE Shop ? is an English-language card shop that has both a clear internet domain and an onion domain. To be able to access information regarding the shop, such as updates and card information, one must log into the site. Creating a new account is relatively simple, though it can require contact information such as Jabber ID and ICQ quantity to register.
According to metrics shared by the website itself, FERum Shop has info on millions of compromised cards. The site regularly advertises the point that new compromised data has been added and is available for sale.
FERum Shop allows prospective clientele to see the millions of CVVs on the site. CVVs, often known as ?cards? on the underground, will be compromised card information commonly stolen from online sources such as for example phishing internet pages or Magecart skimming tactics.