Thursday, March 28, 2024

Carding Action 2020 – Crooks selling/purchasing Compromised Card Data Arrested

We, at GBhackers usually report instances where the bad guys have had the upper hand in cyber-security, but today we are glad to report that the good guys have had a minor victory.

Law enforcement agencies from Italy and Hungary supported by the UK and Europol carried out a targeted operation named Carding Action 2020, to catch fraudsters selling and purchasing compromised card details on websites selling stolen credit card data and dark web marketplaces.

The objective of the operation was to mitigate and prevent losses for financial institutions and card holders. The operation was carried out over a period of 3 months, with 90,000 pieces of card data analysed and approximately €40 million ($47 million) worth of losses averted.

Europol played a crucial role in facilitating the coordination of information between law enforcement authorities and private sector partners. Europol analysts and experts also supported this operation by analyzing large volumes of data and sharing their expertise in the field of payment card fraud.

All of the 90,000 pieces of card data analysed by Group-IB, the private sector partner, included data of cards compromised by phishing websites, end devices infected with banking Trojans, hijacked e-commerce websites and JS-sniffers.

This is not the first instance of Group-IB unearthing a cybersecurity crime. Some of the other crimes unearthed by Group-IB are Silence, hacking of e-commerce sites by 3 Indonesian hackers, and crimes of hacking group MoneyTaker are some of their noteworthy exploits.

“Cybercrime can affect all aspects of our daily life, from paying in the supermarket, transferring money to our friends to using online communication tools or Internet of Things devices at home. Cybercriminals can attack us in different ways and this requires a robust response not only from law enforcement, but also from the private sector,” said Edvardas Šileris, Head of Europol’s European Cybercrime Centre (EC3)

The increase of e-skimming attacks targeting merchant Point of Sale (PoS) machines and e-commerce merchants influenced the significant increase of prevented losses.

E-Skimming or Magecart is a cybersecurity hacking technique that steals information as the consumers enter the data into an online shopping website.

Stay safe and hope for more such victories!

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Website

Latest articles

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles