It is time for another darknet carding forum referred to as one of the world’s largest forums for stolen credit card data, Joker’s Stash to shut down permanently. The cybercrime forum has decided to close their business to buy and sell stolen credit card data forever on the 15th of February, 2021. The carding shop was initially founded in 2014. It was a hub that hoarded stolen card details from high-profile data breaches such as Hilton Hotels, Chipotle, Jason’s Deli and Saks Fifth Avenue.
The Joker’s Stash site operator had posted the below-mentioned message and announced the upcoming shutdown:
“Joker goes on a well-deserved retirement. Joker’s Stash is closing…It’s time for us to leave forever,” the site’s operator wrote in a forum post last week. “When we opened years ago, nobody knew us. Today we are one of the largest cards/dumps marketplace[s]. Unfortunately, or fortunately – nothing lasts forever. It’s time for us to leave forever. We will leave the Stash open for 30 more days, until 2021-02-15, so all Stash users can spend accounts balances. On 2021-02-15 we will wipe all our servers and backups and Joker will fade to dark, forever. And mark my word: WE WILL NEVER EVER OPEN AGAIN! Do NOT trust possible future imposters! After 2021-02-15 there will be no more Joker and no more Joker’s Stash. Dear partners of Stash – you can be sure, that before we leave forever, you will get all payouts, contact me with your know-how.”
“We also want to wish all young and mature cyber-gangsters not to lose themselves in the pursuit of easy money. Remember, that even all the money in the world will never make you happy and that all the most truly valuable things in this life are free.”
The reputable dark web carding stores like the ones resembling Joker’s Stash depend on massive data breaches that are generally sourced from the data hacks and involving the Point-of-Sale (PoS) software for the retail giants or merchandise outlets. In this context, a relevant example is Hy-Vee, which is a popular mid-western supermarket chain. Its payment processing systems were ruthlessly hijacked back in 2019.
After the carding data are accumulated, they are sold to the various carding forums such as the Joker’s Stash and similar websites. The website operators then post these data in a dump (data dump), a large and monetized cache. The buyers or the carders then use these data to clone a single card or multiple cards. These cloned cards are then used for making illicit bulk online purchases and resell it for a net profit. Sometimes the carders directly resell the bought data dump.
Considering the lucrative carding forums on the dark web, the Joker’s Stash was one of them. An estimated calculation states that it has generated more than a billion dollars in Bitcoins during its entire existence. However, when the carding trends had taken a leap in the last to last year, the Joker’s Stash had suffered budgetary setbacks.
In the past year, the customers had apparently complained about the degrade in the quality of the stolen data the site was offering. Also, the customers had raised concerns regarding the validity of the posted data dumps. The website’s operator contracted covid-19, as mentioned in a post on the website’s forum in October last year.
On the 17th of December, the authorities had raided several carding forums and seized their servers. Some of them had been shut down as well.
Though Joker rallied (“I am setuping (sic) and moving to the new servers right now, blockchain links will [be] back to work in a few days,” the site’s operator said at the time), though he apparently then decided to cash out his chips and go home.
Gemini Advisory, one of the cyber threat research groups that have reported Joker’s Stash closure, initially states that the site may be stepping down. Still, it will have a zero net effect on the criminal enterprise as a whole. This is due to the fact that the resellers of the stolen card information are likely to shift to other large-scale data dump forums on the Tor network.
The underground payment card economy is “likely to remain largely unaffected by this shutdown,” researchers write.