The darknet website briansclub has become notorious for selling stolen credit card information. It has gained infamy since hackers uncovered multiple data breaches exposing sensitive customer information. However, the site continues to operate despite its tumultuous history. While it may be tempting to research briansclub for educational purposes, there are legal and ethical concerns that should be considered before gaining access.
Briansclub is a carding shop that specializes in stealing credit card information and other payment details. The website is known for its vast selection of hacked credit cards and other payment details, and it also enables users to do SSN lookups and track 1 and track 2 code searches.
It was launched in 2014 and quickly became a go-to marketplace for cybercriminals seeking to sell stolen credit card data. Until it was hacked in 2019, the site was a huge success, helping its operators make more than $1 million from sales of stolen credit card numbers and related personal data.
Those who ran the site were well-established criminals. They were all known to the underground crime scene for their work as administrators of other carding sites, and for their work as “cashers” — thieves who steal credit card information from people using skimming devices at gas stations or by hacking point-of-sale systems in restaurants or stores. Krebs on Security was recently contacted by someone who claimed to be the owner of briansclub.cm and shared a large file that contained what appeared to be the site’s entire database of hacked and stolen payment card data.
The data hacked from the site includes both Track 1 and Track 2 information, which are different bits-per-inch encoded signals that appear on the magnetic stripe of a credit card. Krebs says that the majority of the cards offered for sale at BriansClub are resold by resellers who acquire them from other criminals, such as by stealing cards with skimming devices from gas pumps or by using data-grabbing malware installed on point-of-sale systems in stores and restaurants. The resellers then resell the cards to buyers, who are typically going on fake card spending sprees or buying products for cut-price resale.
Krebs on Security hasn’t yet been able to determine the identities of any of the buyers or sellers on the site. However, he has been able to determine which cards were sold, and which resellers supplied them. Those details are crucial to law enforcement efforts, as they allow investigators to follow the money and uncover criminal networks involved in the transactions.