The administrator of Joker’s Stash, a popular and one of the longest-running marketplace for cybercriminals to purchase stolen credit cards, announced on Friday that they would permanently shut down the operation next month.
They published messages on multiple cybercriminal forums to inform about the retirement, set for February 15, and that all servers and backups would be wiped.
End of Joker’s activity
“It’s time for us to leave forever,” the administrator wrote, adding in caps that “we will never ever open again,” as a warning about possible impostors trying to capitalize on the move by impersonating them.
The illegal card shop opened in 2014 and became famous for providing fresh stolen credit card data and a promise of card validity; some of the cards were touted to be exclusive to Joker’s Stash.
Throughout 2020, though, operations were not running as smoothly as before, with the FBI and Interpol seizing four blockchain domains used by Joker’s Stash acting as external proxy servers for the site’s Tor service. The disruption was only temporary, though.
Before that, in October, the card shop’s activity had dropped unexpectedly. Towards the end of the month, the administrator JokerStash posted that they had been infected with Covid-19 and had spent a week in the hospital.
Furthermore, the quality of credit card records dropped as the influx of fresh data decreased while competitors posted larger volumes of card-not-present (CNP) data. CNP transactions are used for purchases where physical verification of the card is not possible, such as online payments.
Threat intelligence company Gemini Advisory tracked the activity on the fraudulent marketplace and noticed fewer records published over the past six months.
The company says that Joker’s Stash added more than 40 million new card records over the past year, most of them from physical transactions at a point-of-sale. Some of the largest databases came from breaches at Wawa, Dickey’s Barbecue Pit, and Champagne French Bakery and Cafe.
Payment data from online shopping came from Magecart attacks or from phishing.
Joker’s Stash made a fortune
Gemini Advisory estimates that Joker’s Stash made more than $1 billion from selling stolen credit card data. The admin is also an ardent supporter of cryptocurrency and claimed to keep their proceeds in virtual coins. Giving the recent Bitcoin spike, it is safe to assume that any cryptocurrency that JokerStash owned more than doubled in value in the past few weeks.
Although a huge pile of money is a very good reason to get out of the game in GandCrab style, the admin did not explain their decision in any way but offered a 30-day grace period for all users to empty their accounts.