160 million credit card details hacked - How did it happen?

by Adil Siddiqui

Exploring the how of this year’s biggest credit-card fraud uncovered last month.

Last month, you would have read about the indictment of four Russians and a Ukrainian for a massive hacking scam and internet theft, plus the hacking of the Nasdaq by one of the accused. Having written about this story, Payment Magnates would like to offer an extended glimpse into the methods used and actions taken by the cyber-criminals, with details from a statement released by the U.S. Attorney in Jersey:

They exploited vulnerabilities with “SQL injection attacks”, by going to retail stores to assess weaknesses in the payment processing system, and by placing malware in the victims’ systems once they had gained access, which created an opening in the systems to extract data. They also leased servers worldwide to store malware in order to attack networks and to steal data.

They communicated through IMS (Instant Messaging Services) in order to help each other with the navigation of the networks under attack.

They installed “sniffer” programs which captured personal card details.

And, as the U.S. Attorney states: "Defendants often targeted the victim companies for many months, waiting patiently as their efforts to bypass security were under way."

They covered their tracks by communicating through encrypted channels or meeting face to face without leaving electronic traces.

They concealed their IP addresses and leased servers under fabricated names.

They moved between various servers where they could disable traffic-recording programs.

They tampered with the security systems that log actions and evaded the security software on their targets' systems to avoid detection.

They stole data and sold it to international resellers, who resold it for the purpose of encoding the magnetic stripes on plastic cards.

They charged for each stolen card and offered discounted rates for bulk purchases.
