According to Recorded Future, the Russian invasion of Ukraine in early 2022 appears to have reduced the number of stolen credit card records exposed on the dark web by double digits.
The company’s Insikt Group division analyzed and compiled in-depth threat intelligence gathered from the cybercrime underground. Annual Payment Fraud Report: 2022.
In 2022, the volume of card-free records at dark web carding shops decreased by 24% year-on-year to reach 45.6 million, while card-existing records decreased by 62% to reach 13.8 million.
Recorded Future attributed this significant decline to two key events early in the year. The first was the Russian government’s unexpected crackdown on cybercriminal gangs, including the arrest of suspected members of the REvil ransomware gang.
“The prevailing theory is that Russia sought to signal its intention to cooperate with the West against cybercrime if the West agreed to Russia’s demands regarding Ukraine,” the report claimed.
Whatever its intent, the crackdown had a horrific impact on card fraud from late February through April, including the closure of several top-tier card shops, Recorded Future said.
But what came next definitely had an even bigger impact.
“Since April, the slump in carding demand and the decline in ‘new’ records is likely a result of Russia’s war,” the report continued.
“The war would hamper the ability of Russian and Ukrainian threat actors to engage in card fraud as a result of mobilization, refugees and voluntary migration, energy instability, inconsistent internet connections, and degraded server infrastructure. The Russian-occupied territory of the Donbass region of Ukraine has long been suspected of hosting server infrastructure for cybercriminals.”
As a result, the future of the card fraud market will depend on external events, the report concludes.
“If Russia’s unilateral war in Ukraine continues, the factors affecting the ability of regional threat actors to engage in card fraud are likely to persist, and the ability of threat actors to engage in card fraud is likely to persist, even if “Even if we continue to adapt, it will remain lower than before the war.”
“It is important to monitor the post-war economy in the region to determine if the conditions and incentives exist for renewed, or even increased, card fraud activity once the war is over.”
