Sunday, January 19, 2025
HomeCyber AttackLaw enforcement Officers Busted Phishing Group That Uses 40 Websites to Steal...

Law enforcement Officers Busted Phishing Group That Uses 40 Websites to Steal Credit Card Data

Published on

SIEM as a Service

Follow Us on Google News

On 22nd February 2022, Ukrainian Police officials arrested a group of threat actors that were involved in a phishing campaign.

They used a mobile replenishment service as their disguise to conduct various scams involving 70,000 stolen victim data.

The Cyber Police department and the National police came together on this issue which seemed to have made a loss of five million hyrvnias (Ukrainian Currency).

The threat actors were a group of five people including an organizer who created and administered more than 40 phishing websites to obtain details about credit cards from victims. The phishing websites were similar to that of the mobile operator’s website which made the users enter their card details for topping up their account or making a bank transfer. 

Through phishing websites, the attacker has collected information from more than 70,000 people and used it to steal money from those accounts.

The police also stated that the organizer also used paid marketing and analytical resources to make SEO for the phishing websites and make it forefront the search results as well as on social media.

The group also involved three citizens to transfer their illegal funds as a result that they also receive a profit for each fraudulent operation.

The police also seized computer equipment, mobile phones, flash drives, bank cards and also confiscated 2 million hryvnias in cash.

Cyber police also remind the citizens to check on the URL before entering their sensitive information like bank details, CVV, PIN, and card expiry date.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured...

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....

New Tool Unveiled to Scan Hacking Content on Telegram

A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured...

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....