Cryptocurrency hackers make billions of dollars in a year. Without regard for their victims or the people whose livelihoods they could potentially affect, these people go on looting. However, there are instances where these people also get what is coming to them.
According to an October 15 report from cryptocurrency journalist Brian Krebs, BriansClub, an infamous hacking group, has been hit in a retaliatory attack that saw the hacking group lose millions of credit card details.
A taste of their own medicine
Per the report, the hack, which seemed to have taken place sometime in August, saw the attackers turning over the affected cards to their appropriate banks so they can be canceled. Krebs also claimed that the entire trove included debit and credit cards, which were stolen from several bricks-and-mortar stores over the past four years, with some 8 million uploaded in 2019 alone.
Thanks to the binary data that they got, the hackers at BriansClub could potentially create fake magstripe cards and use those to make fraudulent purchases in stores and retail centers. All in all, Krebs estimates that about 26 million credit cards were stolen from the hacking group. The journalist reportedly got tipped off by a source who shared a plain text file that contained an extensive database of card information for sale.
After conducting additional investigations, Krebs was able to trace the compromised card to BriansClub. The records date back to 2015, with the net value of the entire database estimated to be in hundreds of millions of dollars on the black market.
Ideally, hackers and scammers at BriansClub sell the data they get in exchange for Bitcoin. It is estimated that the group has made up to $126 million since 2015, but given the volatility of the world’s most popular cryptocurrency, determining their exact loot would be a tad challenging.
Krebs added that he was able to get in touch with the administrator of the hacker group, who then told him that 26 million cards had been affected in the hack. The admin added that the group has since delisted those cards.
Hackers are sleeping at the wheel
While it definitely is a good feeling to know that criminals are beginning to feel the touch of karma, it begs the question of whether these guys are starting to get sloppy.
Just last week, Internet security and consultancy firm bleeping Computer published the account of Tobias Frömel (aka “battleck”), a German programmer who was able to deploy a retaliatory hack on some attackers who hit him with Muhstik ransomware attack.
According to the October 7 report, instead of crying about his predicament, Frömel got right on his computer and hacked the attackers’ command and control center. Bleeping Computer reported that thanks to this, the programmer was able to successfully retrieve the unique Hardware IDs and encryption keys for about 2,858 victims whose information was stored on the site.
In an announcement on the Bleeping Computer users’ forum, Frömel explained that his actions were, in fact, illegal. However, he pled with readers to consider that he wasn’t the bad guy in the scenario. He went on to publish his Bitcoin wallet address, just in case anyone was looking to reward him for his act of valor.
Since his work got published, Emsisoft, a popular cybersecurity company, released a decryption tool for victims of the Muhstik attack, essentially rendering the ransomware ineffective.