A hacker break-in at credit and debit card processor Global Payments Inc. dates back to at least early June 2011, Visa and MasterCard warned in updated alerts sent to card-issuing banks in the past week. The disclosures offer the first additional details about the scope of the breach since Global Payments acknowledged the incident on March 30, 2012.
Hardly a week goes by without news of some widespread compromise in which thousands of Web sites that share a common vulnerability are hacked and seeded with malware. Media coverage of these mass hacks usually centers on the security flaw the allowed the intrusions, but one aspect of these crimes that’s seldom examined is the method by which attackers automate the booby-trapping and maintenance of their hijacked sites.
Regular readers of this blog may be unsurprised to learn that this is another aspect of the cybercriminal economy that can be outsourced to third-party services. Often known as “iFramers,” such services can simplify the task of managing large numbers of hacked sites that are used to drive traffic to a handful of sites that serve up malware and browser exploits.
A deep sense of doubt and dread began to sink in halfway through our journey down a long, lonely desert highway from just outside Austin to coastal Texas. We were racing against the clock (we’d just scarfed down our third meal in a row at a roadside Subway shop), yet my minivan companions — a filmmaker from California and a husband-and-wife camera crew — seemed pleased with the footage we’d collected so far. I was far less sanguine about our prospects, and was almost certain that our carefully-laid plans to ambush a money mule on camera were about to unravel.
Recent ebanking heists — such as a $121,000 online robbery at a New York fuel supplier last month — suggest that cyber thieves increasingly are cashing out by sending victim funds to prepaid debit card accounts. The shift appears to be an effort to route around a major bottleneck for these crimes: Their dependency on unreliable money mules.
Mules traditionally have played a key role in helping thieves cash out hacked accounts and launder money. They are recruited through email-based work-at-home job scams, and are told they will be helping companies process payments. In a typical scheme, the mule provides her banking details to the recruiter, who eventually sends a fraudulent transfer and tells the mule to withdraw the funds in cash, keep a small percentage, and wire the remainder to co-conspirators abroad.
A series of hacks perpetrated against so-called “smart meter” installations over the past several years may have cost a single U.S. electric utility hundreds of millions of dollars annually, the FBI said in cyber intelligence bulletin obtained by KrebsOnSecurity. The law enforcement agency said this is the first known report of criminals compromising the hi-tech meters, and that it expects this type of fraud to spread across the country as more utilities deploy smart grid technology.
Smart meters are intended to improve efficiency, reliability, and allow the electric utility to charge different rates for electricity at different times of day. Smart grid technology also improves a utility’s ability to remotely read meters to determine electric usage.
Global Payments Inc., the Atlanta-based credit and debit card processor that recently announced a breach that exposed fewer than 1.5 million card accounts, held a conference call this morning to discuss the incident. Unfortunately, that call created more questions than… Read More »
Global Payments, the credit and debit card processor that disclosed a breach of its systems late Friday, said in a statement late Sunday that the incident involved at least 1.5 million accounts. The news comes hours ahead of planned conference call with investors, and after Visa said it had pulled its seal of approval for the company.
In a press release issued 9:30 Sunday evening, Atlanta based Global Payments Inc. said it believes “the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers may have been exported…Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained. ”
VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.
Experts from across the security industry collaborated this week to quarantine more than 110,000 Microsoft Windows PCs that were infected with the Khelios worm, a contagion that forces infected PCs to blast out junk email advertising rogue Internet pharmacies.
Most botnets are relatively fragile: If security experts or law enforcement agencies seize the Internet servers used to control the zombie network, the crime machine eventually implodes. But Khelios (a.k.a. “Kelihos”) was built to withstand such attacks, employing a peer-to-peer structure not unlike that used by popular music and file-sharing sites to avoid takedown by the music and entertainment industry.
Microsoft today announced the execution of a carefully planned takedown of dozens of botnets powered by ZeuS and SpyEye — powerful banking Trojans that have helped thieves steal more than $100 million from small to mid-sized businesses in the United… Read More »
