Group-IB, an international company that specializes in preventing cyberattacks, has discovered new databases with a total of 69,189 Pakistani bank cards that have shown up for sale on the dark web.
The total market value of the databases is estimated at nearly $3.5 million. According to Group-IB data, it is the second biggest sale of Pakistani bank cards in the past 6 months, which may indicate the activity of advanced financially motivated threat actors in the region.
96% of all card dumps, unauthorized digital copies of the information contained in the magnetic stripe of a payment card, were related to a single bank – Meezan Bank Ltd.
However, a Meezan Bank spokesperson said that following the last hack, which took place 6 months ago, the Bank had asked its customers to change their PIN numbers and added various other security measures.
The full statement is as follows:
We are aware of this rumor going around. All our security measures are in place and we have not experienced any unusual event.
Also, we have taken the following steps to safeguard our customers:
1. Customers are forced to change their PINs on ATM machine if they haven’t changed them in 6 months.
2. All Meezan ATMs are Chip Card enabled which protects against any skimming
3. Furthermore, Meezan Bank has introduced a unique and innovative SkimGuard service that protects high value transactions through real time OTP verification on ATM machine.
As you can see, we have various steps in place to ensure the safety and security of our customers and their data. While we are unable to verify the authenticity of the rumours at this point, we can confirm that our customers, their cards and their money is safe.
Double Trouble for Pakistani Banks?
Pakistani bank card details are rarely sold on underground cardshops. This and the fact that all the cards came on sale with PIN codes explains the high price of this latest card dump, which is 50 USD per card, while usually, the price per card on dark web forums ranges from 10 to 40 USD.
First set of dumps, titled «PAKISTAN-D+P-01», was up for sale on Jan. 24, 2019 and included 1,535 cards, 1,457 of which were issued by Meezan Bank Ltd. It is worth noting that this batch of cards was not announced on the forum.
The second database was put up on Joker’s Stash on January 30th. The «PAKISTAN-D+P-02» set, comprised of the details of 67,654 cards of Pakistani banks was significantly larger. The sellers marked the set as “high valid” and, unlike the first set, advertised the database on all major underground forums such as («Omerta», «Crdclub», «Enclave» etc.).
Dmitry Shestakov, Head of Group-IB сybercrime research unit, said:
The scale, volume, frequency and connection to one institution contributes to the theory that the leak might be involved in a larger incident, potentially an advanced actor gaining access to card systems within Pakistan.
This is a developing story and we will update it as more information becomes available