3 min to read
PlasticSharks selling stolen & cloned credit cards alongside PayPal credentials
Investigating a dark web site claiming to sell stolen cards, cloned cards and compromised PayPal credentials.
j5tjeqetlxktapyxvat7xpirvfath5mgmqhje7vowmp4pvtii2uu67ad.onion
Stolen cards refer to compromised card data, not the physical cards themselves. These compromised cards and PayPal accounts often have balances but are sold at a discounted price to enable the buyer to turn a profit.
PlasticSharks provides access to this compromised data by cloning the stolen information onto new physical cards, which are then shipped to the buyer after purchase. These sites also sell PayPal account credentials, providing the login information once payment is received via their Bitcoin wallet.
How does PlasticSharks get stolen cards and PayPal credentials?
Skimming: This is the use of an electronic device to copy and store credit card information which can be loaded to new cards and sold out.
Phishing: This is scamming of victims to get their personal information by gaining their trust which is done via email, text or phone.
Spyware and other malware: This is software designed to collect information without the victim’s consent.
Services offered on this site
The site works as an e-commerce site with listings of items for sale with different price tags. The items currently being sold on the site include:
- Cloned visa cards
- Cloned MasterCards
- PayPal login credentials
Once a user opens the site, it provides an overview of the services that they offer, why one should purchase from them, how the site works, FAQ section, reviews, status check for orders made and get your card.
Various data on sale are posted, indicating the product, kind (type of data), information, estimated value, cost of buying, bitcoin cost, and add to cat button.
Once a user selects the desired data, they go to the cart where they confirm they want to check out or update the cart. Upon checkout, the user is provided with a checkout form to be filled out and gets a unique Bitcoin address to send the funds. The user is then provided with a tracking number that is used to track the order.
The site provides a “How to Guide” on how to safely cash out and provides a very easy-to-use and user-friendly sales site.
Reputation
The site offers a tracking service for packages once orders are made. This gives the client the sense of satisfaction of being able to track and know where the products are at any time using the order number provided during purchase. The site claims orders are to be received within 7 working days in any country in the world.
This site began operation on 1st January 2024 and has a total of 303 reviews posted on the site.
Many of the comments are positive, which could mean the reviews posted are fake.
More Images
See some more images of the sites below:
Rounding up
The sale of compromised cards and credentials constitutes a financial crime in numerous countries globally. This is why the dark web and cryptocurrency have provided a level of anonymity, allowing these illegal activities to persist and flourish.
Individuals are urged to remain vigilant to avoid falling victim to skimming and phishing, which could lead to their data being sold on the dark web.
