Originally Published June 26, 2024
Update: In September 2025, the Manhattan District Attorney’s Office seized 12 domain names tied to underground vendors trafficking stolen financial data, including B1ack’s Stash. After an investigation found these sites were selling more than one million stolen credit and debit card records and associated personal information. B1ack’s Stash wasn’t operating in isolation; its infrastructure and the others were sophisticated online marketplaces that let criminals sort stolen cards by bank, geography, and even victim name. All seized domains now display court-ordered notices, and law enforcement continues to investigate the individuals behind and using these platforms
—
B1ack’s Stash, a new dark web marketplace, recently gained significant attention by releasing 1 million stolen credit card details for free upon their debut on April 30, 2024. The carding shop promoted this giveaway through several known carding forums on the darknet to attract a larger customer base. Typically, carding shops release free data in the thousands, but B1ack’s Stash’s strategy set it ahead of its competition, similar to BidenCash’s tactic last year, where they leaked 2 million stolen cards.
From the data we collected, it was revealed that the leaked information affected cards from various countries, including the Philippines, with a significant number of exposed payment cards. Cyberint’s analysis of the collected data for six major Philippine banks revealed a concerning finding: of the 45,195 local cards, 95% were unique or first seen by Argos, Cyberint’s threat intelligence platform. This implies that the set of stolen data could have originated from a private collection and was not previously released to the public.
The dataset included a mix of debit and credit cards, mainly from MasterCard and Visa, but also included American Express and JCB. This incident highlights the persistent threat of financial fraud on illegal platforms and underscores the urgent need for enhanced cybersecurity measures.
B1ACK’S STASH: An Overview
B1ack’s Stash made a significant splash when they officially launched their carding shop by releasing a staggering 1 million stolen payment cards for free last April. Based on the intelligence Cyberint gathered during our investigation, we discovered that the threat actor or group has been active in carding forums as far back as last year under the profile “B1ack,” formerly known as “blackclub,” and often referred to by users as “king.”
B1ack is notorious in these forums for distributing CCS/FULLZ—credit and debit cards along with full personal information, known as “FULLZ,” which contains enough data to commit identity theft or fraud—as freebies. Further investigation indicated that B1ack started this marketing campaign in January this year by posting hundreds of free stolen payment cards to build credibility and attract more customers.
Originally Published June 26, 2024
Update: In September 2025, the Manhattan District Attorney’s Office seized 12 domain names tied to underground vendors trafficking stolen financial data, including B1ack’s Stash. After an investigation found these sites were selling more than one million stolen credit and debit card records and associated personal information. B1ack’s Stash wasn’t operating in isolation; its infrastructure and the others were sophisticated online marketplaces that let criminals sort stolen cards by bank, geography, and even victim name. All seized domains now display court-ordered notices, and law enforcement continues to investigate the individuals behind and using these platforms
—
B1ack’s Stash, a new dark web marketplace, recently gained significant attention by releasing 1 million stolen credit card details for free upon their debut on April 30, 2024. The carding shop promoted this giveaway through several known carding forums on the darknet to attract a larger customer base. Typically, carding shops release free data in the thousands, but B1ack’s Stash’s strategy set it ahead of its competition, similar to BidenCash’s tactic last year, where they leaked 2 million stolen cards.
From the data we collected, it was revealed that the leaked information affected cards from various countries, including the Philippines, with a significant number of exposed payment cards. Cyberint’s analysis of the collected data for six major Philippine banks revealed a concerning finding: of the 45,195 local cards, 95% were unique or first seen by Argos, Cyberint’s threat intelligence platform. This implies that the set of stolen data could have originated from a private collection and was not previously released to the public.
The dataset included a mix of debit and credit cards, mainly from MasterCard and Visa, but also included American Express and JCB. This incident highlights the persistent threat of financial fraud on illegal platforms and underscores the urgent need for enhanced cybersecurity measures.
B1ACK’S STASH: An Overview
B1ack’s Stash made a significant splash when they officially launched their carding shop by releasing a staggering 1 million stolen payment cards for free last April. Based on the intelligence Cyberint gathered during our investigation, we discovered that the threat actor or group has been active in carding forums as far back as last year under the profile “B1ack,” formerly known as “blackclub,” and often referred to by users as “king.”
B1ack is notorious in these forums for distributing CCS/FULLZ—credit and debit cards along with full personal information, known as “FULLZ,” which contains enough data to commit identity theft or fraud—as freebies. Further investigation indicated that B1ack started this marketing campaign in January this year by posting hundreds of free stolen payment cards to build credibility and attract more customers.
Click Here For The Original Source.
