Briansclub stands as a beacon of the dark web, offering illegal financial data to facilitate credit card malfeasance. Their access to such illicitly obtained finances fuels fraudsters worldwide and contributes to global identity theft as well as financial loss for victims.

KrebsOnSecurity was recently contacted by an individual claiming to possess all available cards offered for sale through brians club – including cards currently and historically offered through this site whose owner dubiously claims copyright of both his site and likeness. This source sent us an empty text file which purported to contain this database of cards for sale, purportedly the entire collection offered for sale through Briansclub and potentially sold via its marketplace.

Fraudulent Website

An established dark web “carding store” that specialized in selling stolen credit and debit card data was breached recently, with hackers making off with 26 million payment card records – one-third of the total cards currently available for sale on underground marketplaces, according to one company monitoring them.

KrebsOnSecurity was provided with nearly 10 gigabytes of files containing BriansClub data, including card account details from hundreds and perhaps thousands of compromised online and physical stores over four years. Resellers often purchase stolen accounts from hackers who gain entry through point-of-sale breaches at physical shops as well as retailers, before reselling them at a profit to other resellers.

BriansClub is one of many platforms offering stolen card data for sale; KrebsOnSecurity strives to identify them all so companies and individuals alike can better avoid these marketplaces for stolen credit card data.

Krebs claims that the criminal who stole BriansClub data did so by breaking into a password-protected server account, then using brute-force to break in through it. According to Krebs, they then uploaded all their stolen information onto other dark web websites.

Krebs of Security, who writes a popular cybercrime blog and is known for criticizing carding stores that sell stolen card data, made public this breach. He claims multiple sources informed him about it including one high-level bank official.

Krebs says the leaked database indicates that BriansClub added 1.7 million card records for sale between 2015 and August of this year; that figure increased to 7.6 million between January and August alone, according to Krebs. Most of these cards in the database contain “dumps,” or strings of ones and zeroes that can be programmed into point-of-sale systems in order to make fraudulent purchases online or at brick-and-mortar stores.

Scam Alert

Briansclub was compromised and 26 million credit cards and other sensitive information was taken, which were then offered for sale online marketplaces such as Dark Web marketplaces. People purchasing stolen credit card data through these dark web marketplaces could use it to commit various types of fraud such as unauthorized charges to identity theft; and result in significant monetary losses for victims as well as financial institutions alike; for example when banks or credit card companies receive reports of unapproved transactions they will often need to reimburse those charged as soon as they know of these events causing further strain, as well as stress and anxiety for both parties involved.

Briansclub was targeted as part of an attack against an underground market for stolen credit card data. This marketplace features numerous websites selling credit and debit card data as well as other identifying details like social security numbers and dates of birth, which can then be sold back at ATMs or used fraudulently during transactions. Furthermore, data can also be used to create fake cards which can then be encoded to rack up charges against other people’s accounts or go on spending sprees.

Last month, KrebsOnSecurity received an email containing data for more than 27.2 million stolen credit and debit cards from hundreds or even thousands of compromised online and physical businesses over four years. KrebsOnSecurity learned of their theft via BriansClub – an underground carding store which has used this author’s name, image, and reputation in advertising since 2015. KrebsOnSecurity learned these cards originated with hackers or “resellers” who make money selling stolen card data, often at an attractive profit margin from resellers as they receive a percentage of each sale price from them as commission from them reselling card data resellers who profitably sell stolen card data back onto retailers or buyers directly reselling merchants who pay them commission fees before passing along this information onto sellers who in turn pay commission for every sale price commission from them resellers or sellers as compensation from them directly or the reseller themselves reselling to sellers or resellers who in turn pay commission on sales made.

“Dump” refers to stolen credit card data sold for sale on the dark web in strings of ones and zeroes that can be encoded onto anything with magnetic stripes, often used by cybercriminals to rack up charges against other people’s accounts or purchase valuable goods such as electronics or gift cards at discounted prices for reselling on criminal forums.

Scam Warning

Briansclub, a popular black market site offering stolen credit card data, was recently compromised, sending shockwaves through cybercrime world. Criminals using stolen data from this and similar sites to cause havoc for consumers as well as financial institutions; not only will such crimes cause financial losses for victims but will also strain banks further and damage consumer confidence further.

KrebsOnSecurity was approached in September by an individual claiming that they had obtained the full database of cards available for sale at BriansClub[.]at, an established fraud marketplace which has used the author’s name and image in advertising since 2015. Furthermore, BriansClub[.]at falsely claims copyright at the bottom of each page by including an author logo attributed directly to them as well as copyright claims at its base.

Security intelligence firm reports that an online site’s inventory of stolen card records currently exceeds $414 million worth of goods. Most cards available can be encoded into magnetic stripe fraud that allows for unwarranted purchases to take place.

Criminals could use this huge pool of card data containing 21.6 million credit and debit cards that don’t expire until after October 2019 for various illicit purposes, including making fraudulent purchases with fake cards, accruing charges against others’ accounts, and going on spending sprees.

Black market sites enjoy a widespread reputation among cybercriminal communities due to the quality and quantity of stolen data available for purchase on them, which then serves as the basis for fraudulent transactions on dark web markets. Furthermore, their involvement in significant data breaches or other notable incidents have only elevated their stature within these communities.

Although the threat posed by the sale of stolen credit card data remains significant, steps can be taken to protect consumers from this form of fraud. Consumers should review their statements regularly for suspicious activity and immediately report it; furthermore they may wish to consider encrypting sensitive data online to minimize damage from fraudulent transactions.

Recommendations

Briansclub is a widely recognized dark web marketplace where stolen credit card data is traded illegally. Over time, its impressive inventory has made it an attractive target for cybercriminals looking to exploit vulnerabilities in financial systems.

This site takes its name from its alleged founder, who remains unknown. Since its debut, this enigmatic platform has quickly become one of the go-to places on the dark web for criminals to transact illegally by selling credit card data and other illicit products and services.

Krebs on Security reports that, since 2015, they have sold 9.1 million stolen card records at auction for $126 million, each valued at $500. That number represents the average loss per victim involved in federal hacking prosecutions that involve stolen credit card data.

Criminals using stolen card data from the dark web to commit unauthorized charges and identity theft often have disastrous effects for both victims and financial institutions, who face increased costs associated with investigations, fraudulent transactions and regulatory compliance compliance costs.

Cybercriminals employ various means to access credit card data, including hacking point-of-sale systems, card processor breaches, skimming and phishing attacks. Once they gain access to this data, cybercriminals may profit by creating fake cards that charge against victims’ accounts or going on shopping sprees with them.

Law enforcement plays an invaluable role in combatting cybercrime, dismantling underground websites such as briansclub cm and protecting consumers and financial institutions from being taken advantage of by savvy cybercriminals. Their efforts involve analyzing digital footprints, conducting undercover investigations and using advanced technological tools.

Anyone attempting to avoid becoming victims of credit card fraud should follow these recommendations: