Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The cost-of-living crisis hits darknet marketplaces as the price of a stolen credit card rises up to 444 per cent over two years, but prices remain cheap.
New research has shown that even dark web markets are not immune to rising prices, with the cost to purchase a stolen credit card rising sharply over the last two years.
According to new research from NordVPN, the price of a stolen card has risen by 444 per cent in some countries since 2023.
Australian credit cards haven’t experienced such a sharp rise, but the cost to buy one has gone up 38 per cent in the last two years. However, just because prices have risen doesn’t mean they’re that hard to buy.
In 2023, the average price of a stolen Australian credit card was $10, but that’s now risen to $13.79.
“Even with prices rising, card data remains cheap enough for entry-level criminals,” Adrianus Warmenhoven, cyber security expert at NordVPN, said in a statement.
“On major marketplaces, a single stolen card often costs about the price of a movie ticket. Cards are frequently sold in bulk, stay valid for long periods, and can be cashed out locally – so for a few dollars, criminals choose between a night at the cinema or a ready-made route to fraud, account takeovers, and outright cashing of someone else’s money.”
The current average price to purchase a credit card is just over $12. Stolen Japanese cards are the most expensive to purchase on the darknet, with an average cost of $34.51.
Stolen credit card prices generally follow the usual rules of supply and demand, with cards from countries with strict anti-fraud protocols and the supply is low, such as Japan, costing more than other countries. On the other hand, cards from countries such as the United States, where the supply is plentiful, tend to be much cheaper and are often sold in bulk.
“The strength of law enforcement and political stability also shape risk and price – where ‘risk’ refers to how advanced issuers are at detecting fraud and how quickly they respond,” Warmenhoven said.
“Cards with longer expiration dates command a premium: about 87 per cent of the cards we observed remain usable for more than 12 months, which makes them easier to resell.”
Once purchased, cyber criminals can turn a stolen credit card into cash via the process of carding. Once a card is bought, it becomes part of a wide criminal supply chain, with different actors playing different roles, from harvesters, who steal or source data, to validators that can check cards, and cash-outers, who can turn validated cards into gift codes, cryptocurrency, and even cash.
“The crucial step in carding is validation. Cyber criminals use bots to run tiny test charges or authorisation attempts to see which cards work. Sometimes they use small payment providers or merchant sites they control to spread attempts and hide failures,” Warmenhoven said.
“Once a card is validated, it can be used to withdraw cash from ATMs, buy gift cards or vouchers, or purchase travel and accommodation that can later be resold. Monetisation and laundering are tightly coupled – multiple steps are used to obscure the origin of funds.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
