Carding Action 2020 – Crooks selling/purchasing Compromised Card Data Arrested

We, at GBhackers usually report instances where the bad guys have had the upper hand in cyber-security, but today we are glad to report that the good guys have had a minor victory.

Law enforcement agencies from Italy and Hungary supported by the UK and Europol carried out a targeted operation named Carding Action 2020, to catch fraudsters selling and purchasing compromised card details on websites selling stolen credit card data and dark web marketplaces.

The objective of the operation was to mitigate and prevent losses for financial institutions and card holders. The operation was carried out over a period of 3 months, with 90,000 pieces of card data analysed and approximately €40 million ($47 million) worth of losses averted.

Europol played a crucial role in facilitating the coordination of information between law enforcement authorities and private sector partners. Europol analysts and experts also supported this operation by analyzing large volumes of data and sharing their expertise in the field of payment card fraud.

All of the 90,000 pieces of card data analysed by Group-IB, the private sector partner, included data of cards compromised by phishing websites, end devices infected with banking Trojans, hijacked e-commerce websites and JS-sniffers.

This is not the first instance of Group-IB unearthing a cybersecurity crime. Some of the other crimes unearthed by Group-IB are Silence, hacking of e-commerce sites by 3 Indonesian hackers, and crimes of hacking group MoneyTaker are some of their noteworthy exploits.

“Cybercrime can affect all aspects of our daily life, from paying in the supermarket, transferring money to our friends to using online communication tools or Internet of Things devices at home. Cybercriminals can attack us in different ways and this requires a robust response not only from law enforcement, but also from the private sector,” said Edvardas Šileris, Head of Europol’s European Cybercrime Centre (EC3)

The increase of e-skimming attacks targeting merchant Point of Sale (PoS) machines and e-commerce merchants influenced the significant increase of prevented losses.

E-Skimming or Magecart is a cybersecurity hacking technique that steals information as the consumers enter the data into an online shopping website.

Stay safe and hope for more such victories!

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.