Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where the … [Read more...] about Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud
Card
Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft
Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake … [Read more...] about Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft
Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web
Researchers have demonstrated a new type of fingerprinting technique that exploits a machine's graphics processing unit (GPU) as a means to track users across the web persistently. Dubbed DrawnApart, the method "identifies a device from the unique properties of its GPU stack," researchers from Australia, France, and Israel said in a new paper," adding " variations in speed … [Read more...] about Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web
Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocks and encoding stolen credit card data into images and other files hosted on the server, once again demonstrating how the attackers are continuously improving their infection chains to escape detection. "One tactic that some Magecart actors employ … [Read more...] about Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of … [Read more...] about Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from the ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad … [Read more...] about New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
Law Enforcement Seizes Joker’s Stash — Stolen Credit Card Marketplace
The US Federal Bureau of Investigation (FBI) and Interpol have allegedly seized proxy servers used in connection with Blockchain-based domains belonging to Joker's Stash, a notorious fraud bazaar known for selling compromised payment card data in underground forums. The takedown happened last week on December 17. The operators of Joker's Stash operate several versions of the … [Read more...] about Law Enforcement Seizes Joker’s Stash — Stolen Credit Card Marketplace
Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers
A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, such as the Adverline incident, or … [Read more...] about Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers
New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit.In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers."For … [Read more...] about New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data
Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon
Cybersecurity researchers today highlighted an evasive phishing technique that attackers are exploiting in the wild to target visitors of several sites with a quirk in domain names, and leverage modified favicons to inject e-skimmers and steal payment card information covertly."The idea is simple and consists of using characters that look the same in order to dupe users," … [Read more...] about Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon