Carding Action 2020 targeted crooks selling/purchasing compromised card data on sites selling stolen cred itcard data and darkweb marketplaces Group-IB, a global threat hunting and intelligence company, has supported Carding Action 2020 – a cross-border operation led by Europol’s European Cyber Crime Centre (EC3) with the support from law enforcement agen

Security experts from Sucuri analyzing a software skimmer that is abusing its brand name in order to evade detection. Researchers at Sucuri analyzed a software skimmer that is using their brand name in order to evade detection. The e-skimmer is a base64-encoded JavaScript blob that attackers inject into target webpages. During a routine investigation,

Russian cybercriminal Aleksandr Brovko has been sentenced to eight years in jail for his role in a botnet scheme that caused at least $100 million in financial damage.  The Russian cybercriminal Aleksandr Brovko (36) has been sentenced to eight years in jail for his role in a sophisticated botnet scheme that caused at least $100 million in financial damag

Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happened to be vulnerable. Today we take a quick look at a mobile operator who offers cell phone plans to its customers. Their website lets you shop

Sometimes, I think there are three certainties in life: death, taxes, and some form of payment fraud. Security reporter Danny Palmer experienced this a little while ago, and has spent a significant amount of time tracking the journey of his card details from the UK to Suriname. His deep-dive confirmed that it is easy to become tangled up in fraud, even if yo

The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection. As defenders, we look for any kind of artifacts and malicious infrastructure that we might be able to identify to protect our users and alert affected merchants. These malicious artifacts can range from compromis

Guests at the luxury Ritz hotel in London have been victims of “extremely convincing” scammers who posed as hotel staff to steal payment card details. Clients having dinner at the luxury Ritz hotel in London have been targeted by “extremely convincing” scammers who posed as hotel staff to steal payment card details. The crooks p

A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. Chiochiu was a member of the Infraud global cybercrime organization involved in steali

Cybercriminals typically focus on targets that can get them the highest return with the least amount of effort. This is often determined by their ability to scale attacks, and therefore on how prevalent a vulnerability or target system is. Enter: the credit card skimmer. In the world of digital skimming, we’ve seen the most activity on e-commerce co

A 30-year old Russian national was sentenced to nine years in prison for running Cardplanet and Direct Connection credit card market. The Russian national named Aleksey Yurievich Burkov (30) was sentenced to nine years in prison for running Cardplanet and Direct Connection, two credit card market that facilitated payment card fraud, computer hacking, and

Malwarebytes experts observed crooks hiding a software skimmer in the EXIF metadata of an image that was surreptitiously loaded by compromised online stores. While investigating a Magecart attack, experts found an e-skimmer code hidden in the EXIF metadata of an image file and surreptitiously loaded by compromised online stores. The malicious script d

Hackers breached the websites of the U.S. accessory giant Claire’s, and its subsidiary Icing, and gained access to customer’s credit card data. Threat actors have hacked the websites of the U.S. based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained acce

The US DoJ announced that a New York City man was charged with hacking, credit card trafficking, and money laundering conspiracies. New York City man Vitalii Antonenko (28) was charged with hacking, credit card trafficking, and money laundering conspiracies, states the US DoJ. The man was arrested in March 2019 and detained after his arrival from Ukrai

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. Banco BCR has equity of

Digital attackers compromised the website of kitchen and household products manufacturer Tupperware with a credit card skimmer.On March 20, researchers at Malwarebytes observed that attackers had compromised tupperware[.]com by hiding malicious code within an image file. This code activated when a user attempted to check out and complete their purchase on Tu