Advertisement
  • About the Author
  • About this Blog

    • The Wire

    A Little Sunshine / The Wire11 Comments
    15
    Jun 10

    Police Arrest 178 in U.S.-Europe Raid on Credit Card ‘Cloning Labs’

    Equipment seized from a 'cloning lab'. Photo courtesy Spanish Ministry of Interior.

    Police have arrested 178 people in Europe and the United States suspected of cloning credit and debit cards in an international scam worth over 20 million euro ($24.52 million), according to a report from Reuters and authorities in Spain.

    The stories so far are all light on details or whether this bust was connected to specific fraud forums that facilitate the trade in stolen credit card data, but the wire reports include the following information:

    Police in fourteen countries participated a two-year investigation, initiated in Spain where police have discovered 120,000 stolen credit card numbers and 5,000 cloned cards, arrested 76 people and dismantled six cloning labs.

    The raids were made primarily in Romania, France, Italy, Germany, Ireland and the United States, with arrests also made in Australia, Sweden, Greece, Finland and Hungary. The detainees are also suspected of armed robbery, blackmail, sexual exploitation and money-laundering, the police said.

    Source here. There is also quite a bit more juicy information in the press release from Spanish Ministry of Interior, a Google translated version of which is available here. For all you Spanish speakers, the original version is here.

    Criminals can clone debit cards if they have access to the cardholder’s PIN as well as the data stored on the magnetic strip on the back of these payment cards. In some cases, crooks obtain these “dumps” by stealing the data (either in person or via hacking) online or main street merchants.

    Another popular method of obtaining dumps and PINs is through the use of ATM skimmers, which I have written about extensively. According to Spanish police, as part of the raids Germany has arrested 16 people involved in skimming bank cards (look for another KrebsOnSecurity post on ATM skimmers sometime in the next week or so).

    In related news, MasterCard announced it is trialing a new debit card that includes not only a computer chip but also a tiny digital display that produces a one-time password for each online transaction. But don’t expect to see these replacing regular, low tech credit and debit cards here in the U.S., at least not for a while. Slashgear.com reports that the devices are being trialed with Turkish bank for now.

    Read more about the specs of this device, at this data sheet (PDF)  from the manufacturer’s Web site.

    The Wire9 Comments
    14
    Jan 10

    The Wire: Google Security Edition

    Google has reportedly stopped censoring Chinese search results for its Google.cn property, in response to what it said earlier this week were targeted attacks against its corporate infrastructure aimed at Chinese dissident groups. But a security research firm claims the attack that hit Google was part of a larger, unusually sophisticated assault aimed at stealing source code from Google and at least 30 other Silicon Valley firms, banks and defense contractors.

    Also, Google switches to “always on” encryption for all Gmail users. And some pundits see ulterior motives in Google’s Chinese hacking disclosure. More after the jump.

    Continue reading →

    The Wire2 Comments
    12
    Jan 10

    The Wire

    A periodic pointer to some of the more interesting and newsworthy security news stories. In no particular order:

    Proof-of-concept for Mac OS X systems Released
    Possible Malicious Apps for Google’s Android Phone
    Online Gaming Exec. Sentenced to 33 Months
    ‘Massive Cybercrime Conspiracy’

    Read after the jump for summaries and links to more information.

    Continue reading →