Category Archives: payment cards

Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace

Posted on by

Russian authorities arrested more than two dozen people as part of a law enforcement operation against an alleged network of illicit websites where users bought and sold stolen payment cards and personal data. The Federal Security Service (FSB) on March 20 apprehended 25 people, including Russians and foreign nationals, for their alleged roles in a digital identity theft ring, the agency announced on Tuesday. The accused scammers were allegedly running a dark web marketplace called BuyBest, or GoldenShop, and dozens of  corresponding “mirror” websites, according to an alert from the threat intelligence firm Gemini Advisory, which was obtained by CyberScoop. Alexey Stroganov, an accused hacker who went by the name “Flint24,” was among those arrested, according to a court file posted on a Moscow city website. A partial list of those those charged appears to have been published on a LiveJournal page. Multiple discussion forums on Russian-language cybercriminal markets were focused on the […]

The post Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace appeared first on CyberScoop.

Continue reading Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace

Magecart hackers have spent weeks lurking on NutriBullet’s website

Posted on by

A group of scammers using a pervasive hacking technique have spent weeks lurking on the website where NutriBullet customers entered their payment data, according to new findings from a cybersecurity vendor. RiskIQ published research on Wednesday detailing how a hacking group, known as Magecart Group 8, snuck malicious code onto NutriBullet’s website to collect financial information from customers who purchased blenders and other products from the company. The attack began on Feb. 20 and continues today, despite an interruption between March 1 and March 5, RiskIQ said. NutriBullet did not respond to multiple requests for comment. RiskIQ said its researchers have spent three weeks trying to contact the company without receiving a response. The compromise was ongoing as of this article’s publication, RiskIQ said. “Magecart” is a blanket name for a hacking technique in which attackers insert a small amount of malicious code into the e-commerce payment process. Magecart groups […]

The post Magecart hackers have spent weeks lurking on NutriBullet’s website appeared first on CyberScoop.

Continue reading Magecart hackers have spent weeks lurking on NutriBullet’s website

Wawa Breach May Have Affected More Than 30 Million Customers

Posted on by

Hefty collection of U.S. and international payment cards from the incident revealed in December found up for sale on dark-web marketplace Joker’s Stash. Continue reading Wawa Breach May Have Affected More Than 30 Million Customers

Alleged mastermind behind $20m stolen-card site extradited to US

Posted on by

Aleksei Burkov allegedly ran Cardplanet, advertised as the only shop with a guarantee: your stolen card will work, or you get a new one! Continue reading Alleged mastermind behind $20m stolen-card site extradited to US

Cybercriminals plan to make L7 routers serve card stealing code

Posted on by

One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 routers. What is Magecart? Magecart is an umbrella label for a growing number … Continue reading Cybercriminals plan to make L7 routers serve card stealing code