Reshipping service for goods bought with stolen bankcards falls prey to hack
![Image Report examines recent activities of Russian cybercriminals from [Sandworm]](https://incyber.org//wp-content/uploads/2024/04/incyber-news-cybersecurite-cybersecurity-attack-danger-2024-885x690.jpg)
Named SWAT USA Drop Service, cybercriminal enterprise employs 1,200 people in the United States.
On November 2 and 6, 2023, US cyber researcher Brian Krebs published an investigation into a reshipping service for high-tech products bought with stolen credit cards. The cybercriminal enterprise, named SWAT USA Drop Service, was hacked, most likely by a competitor. The leak revealed a considerable amount of internal data detailing its mode of operation.
Originally, the cybercriminals used stolen bankcards to order expensive high-tech goods online. They had them delivered to Russia, Eastern Europe or North Africa, where they were sold on the local black market. However, e-commerce companies no longer ship to these countries when the order is paid for with a bankcard from another part of the world.
Cybercriminals thus fell back on services such as SWAT USA, which legally hires middlemen, known as “drops”, residing in the country where the cards were stolen. They receive high-tech products, bought with these cards, and must reship them using prepaid labeling, to countries where the goods are sold on the black market.
Most of these “drops” act in good faith and have no idea they are being used by a criminal outfit. SWAT USA recruits them through online ads, promising attractive compensation, stemming from dozens of shell companies. Yet the latter generally break off all contact with the drop before the first planned payday. SWAT USA currently employs 1,200 people in the United States to carry out reshipping.