Researchers in the United Kingdom say they’ve discovered mounting evidence that thieves have been quietly exploiting design flaws in a security system widely used in Europe to prevent credit and debit card fraud at cash machines and point-of-sale devices.
The data breach at Atlanta-based credit and debit card processor Global Payments just keeps getting bigger. Earlier this month, I reported that Visa and MasterCard were alerting banks that the breach extended back to June 2011. Now it appears the… Read More »
Debit card accounts stolen in a recent hacker break-in at card processor Global Payments have been showing up in fraud incidents at retailers in Las Vegas and elsewhere, according to officials from one bank impacted by the fraud.
At the beginning of March 2012, Danbury, Conn. based Union Savings Bank began seeing an unusual pattern of fraud on a dozen or so debit cards it had issued, noting that most of the cards had recently been used at a cafe at a nearby private school. When the bank determined that the school was a customer of Global Payments, it contacted Visa to alert the card association of a possible breach at the Atlanta-based processor, according to Doug Fuller, Union Savings Bank’s chief risk officer.
Global Payments, the credit and debit card processor that disclosed a breach of its systems late Friday, said in a statement late Sunday that the incident involved at least 1.5 million accounts. The news comes hours ahead of planned conference call with investors, and after Visa said it had pulled its seal of approval for the company.
In a press release issued 9:30 Sunday evening, Atlanta based Global Payments Inc. said it believes “the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers may have been exported…Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained. ”
VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.
Underground Web sites can be a useful barometer for the daily volume of criminal trade in goods like stolen credit card numbers and hijacked PayPal or eBay accounts. And if the current low prices at one of Underweb’s newer and… Read More »
Recently leaked online chat records may provide the closest look yet at a Russian man awaiting trial in Wisconsin on charges of running a cybercrime machine once responsible for sending between 30 to 40 percent of the world’s junk email.
Criminals who operate large groupings of hacked PCs tend to be a secretive lot, and jealously guard their assets against hijacking by other crooks. But one of the world’s largest and most sophisticated botnets is openly renting its infected PCs to any and all comers, and has even created a Firefox add-on to assist customers.
Fake antivirus scams and rogue Internet pharmacies relentlessly seek customers who are willing to trade their credit card numbers for a remedy. Banks and financial institutions become partners in crime when they process payments to fraudsters.
Published research has shown that rogue Internet pharmacies and spam would be much less prevalent and profitable if a few top U.S. financial institutions stopped processing payments for dodgy overseas banks. This is also true for fake antivirus scams, which use misleading security alerts to frighten people into purchasing worthless security software.
An online criminal enterprise, as tightly structured as any legitimate business corporation, was exposed in 2010. Emails and documents stolen from employees of ChronoPay — Russia’s largest online payments processor — were shared with a select group of law enforcement agencies and with KrebsOnSecurity.com. The communications provide the strongest evidence yet that a notorious rogue online pharmacy and other shady enterprises are controlled by ChronoPay executives and employees.
The leaked ChronoPay email show that in August 2010 ChronoPay CEO Pavel Vrublevsky authorized a payment of 37,350 Russian Rubles (about $1,200) for a multi-user license of an Intranet service called MegaPlan. The documents indicate that Vrublevsky ordered the service to help manage the sprawling projects related to ChronoPay’s “black” operations, including the processing of payments for rogue anti-virus software, violent “rape” porn sites, and knockoff prescription drugs sold through hundreds of Web sites affiliated with a rogue online pharmacy program called Rx-Promotion.com.
ChronoPay employees were assigned MegaPlan accounts to track payment processing issues, order volumes and advertising partnerships for these black programs. In a move straight out of the Quentin Tarantino film Reservoir Dogs, the employees adopted nicknames like “Mr. Kink, Mr. Heppner,” and “Ms. Nati.” MegaPlan offers an application that makes it simple for clients to create organizational charts, and the account paid for by ChronoPay includes a chart showing the hierarchy and reporting structure of these divisions.
