Mysterious man in a hoodie with computer and card

Russia shuts down 3 dark web sites with reported $263M in digital currency proceeds

Russian authorities have cracked down on yet another batch of dark web sites, this time targeting online marketplaces for stolen credit card information. Three marketplaces were shut down in the latest campaign, which together had generated $263 million in digital currency proceeds.

According to a report by U.K. blockchain analytics firm Elliptic, the Russian Ministry of Internal Affairs took down three marketplaces—Trump’s Dumps, UAS Store, and Ferum Shop—as well as online stolen card forum Sky-Fraud.

Ferum Shop was the prime target, with Elliptic revealing that it was the biggest stolen credit card marketplace in the world before its seizure. 

The marketplaces cater to what is one of the oldest vices in the online criminal underground—carding. This is where hackers steal payment card details from hundreds of millions of victims through online retailers, banks, and other avenues. They then sell them on dark web marketplaces where the customers use them to purchase expensive items or gift cards, which they sell for cash.

While profitable in its own right, carding is also widely used to launder digital assets obtained from all forms of cybercrime, Elliptic notes.

Ferum Shop ascended to the top of the carding marketplaces pyramid when the previous market leader UniCC was shut down in January. The marketplace, which debuted in 2013, raked in an estimated $256 million in digital currencies, accounting for about 17% of the entire stolen credit card market.

Trump’s Dumps specialized in selling raw magnetic strip data from compromised cards and had brought in $4.1 million since its launch in October 2017. The marketplace was conspicuous for its use of the image of the controversial former U.S. president, with its slogan being “Make Dumps Great Again.”

Slogan of Make Dumps great again
Image courtesy of Elliptic

Sky-Fraud wasn’t a marketplace but was a forum where the hackers and their clients communicated and shared money laundering tips, authorities said. When Russian authorities seized the site, they left an emoji in the source code, which translated to, “Which one of you is next?”

The message was similar to that left on UniCC, which was at the time of its seizure the largest carding marketplace in the world and had made $372 million in digital currencies.

The crackdown comes just weeks since the Russian Federal Security Service (FSB) busted REvil, one of the world’s most destructive ransomware gangs. As CoinGeek reported, the group is reported to have received over $200 million in extortion payments through digital currencies in recent years.

Watch: CoinGeek New York presentation, FYI: Better Information Tools for a More Lawful Blockchain Industry

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.

[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]
[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]