Gemini Advisory – Page 2 – WindowsTechs.com

Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue

Posted on October 15, 2020 by Sean Lyngaas

Joker’s Stash, one of the most notorious web forums for stolen credit card data, has claimed a new scalp. Sellers on the site this week claimed to be offering 3 million payment card numbers used at Dickey’s Barbecue Pit, a U.S. fast-food chain, researchers at intelligence firm Gemini Advisory said Thursday. More than 100 of the barbecue joint’s locations were affected by the breach, and the data is being sold for a median price of $17 per card, according to the research. The data from Dickey’s Barbecue Pit customers appears to have been compromised between July 2019 and August 2020, according to Gemini Advisory. Numerous restaurant and hospitality chains have been hit by scammers in recent years because of the personal financial data they collect. “Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all […]

The post Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue appeared first on CyberScoop.

Continue reading Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue→

Breach at Dickey’s BBQ Smokes 3M Cards

Posted on October 15, 2020 by BrianKrebs

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the payment card data was stolen in a two-year-long data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country. Continue reading Breach at Dickey’s BBQ Smokes 3M Cards→

Is Your Chip Card Secure? Much Depends on Where You Bank

Posted on July 30, 2020 by BrianKrebs

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. Continue reading Is Your Chip Card Secure? Much Depends on Where You Bank→

Magecart Group 8 skimmed card info from 570+ online shops

Posted on July 8, 2020 by Zeljka Zorz

Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group (aka Magecart Group 8) since April 1, 2017. Magecart Group 8’s modus oper… Continue reading Magecart Group 8 skimmed card info from 570+ online shops→

Magecart-related group hits 570 websites, taking 184,000 card numbers

Posted on July 7, 2020 by Jeff Stone

Hackers who targeted 570 e-commerce sites to steal customer financial information compromised more than 180,000 payment cards as part of a covert fraud effort, according to new research analysis. The group, known as “Keeper,” inserted malicious computer code onto the sites, typically by exploiting weaknesses in technology provided by the sites’ third-party software suppliers. The attack technique, broadly known as Magecart, has struck many thousands of merchants in recent years, ranging from British Airways and NurtiBullet to smaller stores. Gemini Advisory, a threat intelligence startup that scans criminal forums for stolen payment card data, announced the latest campaign in a report published Tuesday. Since April 2017, the Keeper group has aimed to infect 570 websites based in 55 countries, most often in the U.S., U.K. and the Netherlands. Researchers found an unsecured access log belonging to the Keeper group containing 184,000 compromised payment cards from between July 2018 until April […]

The post Magecart-related group hits 570 websites, taking 184,000 card numbers appeared first on CyberScoop.

Continue reading Magecart-related group hits 570 websites, taking 184,000 card numbers→

COVID-19 ‘Breach Bubble’ Waiting to Pop?

Posted on June 30, 2020 by BrianKrebs

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse. Continue reading COVID-19 ‘Breach Bubble’ Waiting to Pop?→

How Cybercriminals are Weathering COVID-19

Posted on April 30, 2020 by BrianKrebs

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals. Continue reading How Cybercriminals are Weathering COVID-19→

Would You Have Fallen for This Phone Scam?

Posted on April 28, 2020 by BrianKrebs

You may have heard that today’s phone fraudsters like to use use caller ID spoofing services to make their scam calls seem more believable. But you probably didn’t know that your bank may be making it super easy for thieves to impersonate the bank, by giving away information about recent transactions on your account via automated, phone-based customer support systems. Continue reading Would You Have Fallen for This Phone Scam?→

Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace

Posted on March 25, 2020 by Jeff Stone

Russian authorities arrested more than two dozen people as part of a law enforcement operation against an alleged network of illicit websites where users bought and sold stolen payment cards and personal data. The Federal Security Service (FSB) on March 20 apprehended 25 people, including Russians and foreign nationals, for their alleged roles in a digital identity theft ring, the agency announced on Tuesday. The accused scammers were allegedly running a dark web marketplace called BuyBest, or GoldenShop, and dozens of corresponding “mirror” websites, according to an alert from the threat intelligence firm Gemini Advisory, which was obtained by CyberScoop. Alexey Stroganov, an accused hacker who went by the name “Flint24,” was among those arrested, according to a court file posted on a Moscow city website. A partial list of those those charged appears to have been published on a LiveJournal page. Multiple discussion forums on Russian-language cybercriminal markets were focused on the […]

The post Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace appeared first on CyberScoop.

Continue reading Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace→

Wawa Breach May Have Affected More Than 30 Million Customers

Posted on January 29, 2020 by Elizabeth Montalbano

Hefty collection of U.S. and international payment cards from the incident revealed in December found up for sale on dark-web marketplace Joker’s Stash. Continue reading Wawa Breach May Have Affected More Than 30 Million Customers→