My DokuWiki

When it comes to the hidden corners of the internet, few places are as infamous as the darknet and deep web. They are sometimes misunderstood and often misrepresented. While they have legitimate uses, they have also gained notoriety for harboring a thriving trade in illicit goods, including stolen credit card details.

To clarify, the deep web refers to parts of the internet that are not indexed by traditional search engines, which could include your email inbox or the back-end databases of private companies. The darknet, a subset of the deep web, is where websites operate anonymously and can only be accessed with specific software like Tor, ensuring transactions and identities are hard to trace. This privacy and anonymity have unfortunately made the darknet a hub for illicit activities, including the trade in stolen credit card information.

The cybercriminals' modus operandi is straightforward. They gain unauthorized access to a victim's credit card details through methods like phishing, malware, or skimming, and then sell these details on darknet marketplaces. Once sold, these details can be used for unauthorized transactions, identity theft, and other fraudulent activities.

According to Cybersecurity Ventures, cybercrime, including credit card fraud, is predicted to cause damages worth $10.5 trillion annually by 2025, up from $3 trillion in 2015 [1]. While it's difficult to separate out the impact of credit card fraud alone, this stark increase underlines the severity of the problem.

An analysis by Privacy Affairs found that as of 2021, the price for stolen credit card details on the darknet ranged from $12 to $20 per card, depending on the card's region, brand, and other factors [2]. In essence, a criminal can steal someone's financial identity for less than the price of a meal.

Though it's challenging to quantify the exact number of stolen credit cards traded in the darknet, a 2019 study by Sixgill, a cybersecurity firm, revealed that nearly 23 million credit card numbers were being sold on the darknet [3]. This alarming figure only represents the cards that were detected.

There are two types of credit cards that can be tracked in Kaduu:

1. Free Cards: Credit cards, which are offered for free on the Dark- and Deepweb. Although millions of credit cards are indexed in the Kaduu logs, it can be assumed that the data is rather outdated. It is unusual for functioning credit cards to be offered for free. This type of credit cards can be found in the database search in the Control Center app.
2. Paid Cards: Credit cards that are offered for sale on the dark and deep web. This type of credit card is offered like a commercial good. Mostly, they are functional cards for which you have to pay a certain down payment.

We try to collect mostly freely available credit card log dumps. These dumps may not have the very latest card data, usually sold for a high price, but can still help owners find out if their card has been affected by a leak in the past. Occasionally, we also purchase dumps and make them available in Kaduu's elastic search DB..

The cost of buying stolen credit card information on the darknet varies depending on a number of factors, including the type of card, the card's issuing country, and the amount of information that is included with the card.

Typically, a single credit card number, known as a "dumps," can be sold for a few dollars. A "dumps" is the information on the magnetic strip of a credit card, which can be used to make fraudulent purchases in-store.

On the other hand, a full package of information for a credit card, known as "fullz," which includes the cardholder's name, address, date of birth, social security number and other personal information, can be sold for $10-$50. These fullz are used to make fraudulent purchases online, open bank accounts, apply for loans, and for other financial frauds.

It is important to note that these prices are just an estimate and the cost may vary depending on the source and the quantity of data available. It's also worth noting that the prices are subject to change over time, and the prices may be different based on the location and the vendor.

We search popular websites (hacker forums) or marketplaces for credit card offers. These websites can be found on the Deepweb or Darknet. We have an array of paid accounts to keep track of the most recent leaks. We are constantly working on extending our list of websites to scrape data from.

On some sites, metadata about the credit cards is published - on other sites, a package is offered without you knowing what is inside before you buy it. Below an example how credit cards can be offered without any metadata:

The goal is to scrape the entire website and filter new records. We ususally find two types of websites:

• Case 1: If we see a clear news feed that can be processed by a script to filter new records, we check that feed daily and run the script only when updates are added.
• Case 2: If a news feed is actually unclear (as in the following figure), we scrap the entire site and filter new records at the database level

Note: sometimes a record may appear in multiple databases within the context of a website, so we store both records

Unfortunately, very often artificially generated credit card data is offered, which is not associated with any real account. However, there are websites where the sellers are rated. Here is an example:

For this reason, you can also filter for sellers in Kaduu.

A typical website has the following fields for each credit card record:

• BIN (4, 5 or max 6 Digits)
• Expiration Date,
• Price

However, some websites offer more fields:

• Country/State/PLC
• address/full name/part of name
• A base name to which this record belongs, and a valid rate.

The basename probably contains the publication date, so we can understand when a CC record was published. Our tools filter invalid records that have been published on websites, and we try to capture as many fields as possible related to the credit card in question.

The paid credit card search can be found under the nafigation CC search on the deep-web-app:

The free cards can be queried in control.center via dashboard or API (https://wiki.kaduu.ch/doku/doku.php?id=api).

The credit card data published here comes from leaks that have already been published on the darknet. New cards are added continuously. The database is updated weekly or daily for major leaks. You find the Credit Card Search in the expert mode only:

On this page you can search in a database of indexed credit card leaks. Credit cards are displayed in masked form and when you are searching the database. You may search using first 6 and last 4 digits and replace all middle digits with "X" - thus you will not expose your credit card number to the system. Otherwise, the number gets hashed with SHA-256 algorithm before being sent to our server.

Please note that there are specifc search operators you have to use to get to the data. If you just look for the name "john" you will find 0 results:

If you search for owner:john you get more than 5000 results:

You can also look for owner:john doe, which looks for John OR Doe:

If you want only "John Doe" as an exact match, you have to search for owner:"john doe"

Detailed Search Syntax:

Available Fields:

Detailed Syntax: