The Russian Ministry of Internal Affairs has shut down four major illicit dark websites. These are the Sky-Fraud forum, Trump’s Dumps, UAS Store, and Ferum Shop, which is the top stolen credit card market. The crackdown is the second time the stolen credit card market has lost its top seller site in less than a month.
During their lifespan, the sites made an estimated $263 million in unlawful profits from Bitcoin, Litecoin, and Ether.
More about the sites shut down by Russia
Since its establishment in 2013, Russia-based site, Ferum Shop has been the world’s largest marketplace for stolen credit cards, earning an estimated $256 million in bitcoin, making up 17% of the stolen credit card market. Due to Ferrum’s intermittent usage of a payment processor, precise figures are difficult to calculate.
Trump’s Dumps was a well-known carding website from Russia that specialized in selling raw magnetic strip data from compromised cards. Since its inception in October 2017, it has made roughly $4.1 million. The site was well-known for its use of former US President Donald Trump’s picture in its branding.
Both of these carding sites were advertised on Sky-Fraud, a large carding forum, again from Russia, that was also shut down. Discussions on carding techniques and money laundering recommendations were also enabled by Sky-Fraud. In the source code of Sky-Fraud’s forum site, infosec enthusiast Soufiane Tahiri discovered a note left by Russian authorities with an emoji that translated to “which one of you is next?”
The UAS Store was a well-known vendor of stolen RDP credentials that operated from Russia. Users can use these to log in to their accounts from different machines. This type of logging in became increasingly widespread during the COVID-19 outbreak, as it allowed employees to access their work computers from home. As a result, RDP credentials are extremely useful to individuals looking to infect business computers with malware, disrupt operations, or steal critical data.
The seizures came less than a month after former carding market leader UniCC and its associate proxy market LuxSocks announced their retirements.
The seizures coincide with the detention of six members of an unknown hacking gang by Moscow’s Ministry of Internal Affairs for unlawfully transmitting “means of payment.” The link to the confiscated sites, however, has yet to be established.
A move in the right direction?
As Russia gears up for accepting crypto as a legal currency, the country’s Ministries are hard at work shutting down all major illicit websites. This is a move in the right direction, like Russia, although wanting to accept crypto, will not tolerate the illicit use of the currency. Russia’s primary objective is, as any other country, to maintain economic sovereignty and strength.
We are yet to see how Russia formulates its law with regard to cryptocurrencies. Being a major global superpower, all eyes are on Russia for its stance.
Read Elliptic’s complete report on this development.