Search This Blog

Showing posts with label Credit Card Theft. Show all posts

Emotet trojan one of the biggest malware

Emotet is a banking Trojan that started out stealing information from individuals, like credit card details. It has been lurking around since 2014 and has evolved tremendously over the years, becoming major threat that infiltrates corporate networks and spreads other strains of malware.

The U.S. Department of Homeland Security published an alert on Emotet in July 2018, describing it as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans,” and warning that it’s very difficult to combat, capable of evading typical signature-based detection, and determined to spread itself. The alert explains that “Emotet infections have cost SLTT (state, local, tribal, and territorial) governments up to $1 million per incident to remediate.”

Emotet poses a grave risk for individuals and businesses of all sizes. Here's a look at what you can do to safeguard your business against this pernicious Trojan malware.

Emotet infections typically start with a simple phishing email that contains an attachment or a link to download a file. The recipient is persuaded to click the link or open the file and they unwittingly set in motion a macro that downloads a malicious payload. As soon as the device is infected, Emotet starts trying to spread to other devices on the network.

The addition of new capabilities into Emotet, inspired by other successful malware such as WannaCry, has made it a much more potent threat capable of moving laterally and infecting entire networks alarmingly quickly. It’s a modular Trojan that’s often employed as the vanguard of a bigger attack, piercing the outer defenses and then downloading other banking Trojans and spreading them around.

As persistent and pernicious as Emotet is, you can take effective action to guard against it.

First, ensure that you don’t have unsecured devices on your network. Take steps to identify and secure unmanaged devices. Eradicate potential blind spots like internet of things devices. Even if Emotet appears to be confined to an unsecured machine, the threat has not been neutralized because it’s polymorphic, constantly updating itself and working towards spreading further. Given enough time, it has a good chance of finding a weakness in your defenses that can be exploited.

Actress Sameera Reddy received call from Hacker, spent ₹ 5 Lakhs on her credit card


Indian actress Sameera Reddy has became a victim of cyber crime. An unknown hacker has spent ₹ 5 Lakhs on her credit card.

According to NDTV report, the hacker used the credit card across different locations around the world.

After spending the money , the hacker surprisingly called Sameera Reddy and informed her about the theft. The thief had apparently decided to call her up because he was a big fan of the actress.

“I was dubbing when I got a call. It was from an unknown number and the person on the other side told me he was part of a hackers’ team. I could not believe what he was saying,” Sameera Reddy said.

"I had my card with me but the bank authority asked me to pay up the dues. I kept arguing with them for two months. Finally, the matter has been settled," Sameera added.

Crazy hacker..! what do you think?!

Hackers breached Restaurant Depot's POS network again & accessed credit card info


Hackers once again breached the Point-of-Sale(POS) network of Restaurant Depot, New York based wholesale supplier. The hackers managed to steal credit and debit card details from the card processing system they use in some of their stores.

 The company discovered the security breach on December 4th 2012 when thier customers had experienced credit card fraud after they used their cards at some of our stores.

They hired Trustwave on December 6th to investigate the intrusion. After the investigation, researchers determined that the intrusion first started on Nov 7th 2012. Researchers are still in the process of identifying all the details and are continuing their investigation.

The company notified all the major card brands and provided information about potentially compromised accounts.

"To protect yourself from possible fraudulent charges, you should contact officials at your card issuer immediately by calling the toll-free number on the back of your card or on your monthly statement, tell them you have received this letter, and ask them to cancel and reissue the card. " The official notification reads.

"You should also closely review your credit /debit card statements if you used your cards at one of our stores between November 7th and December 5, 2012. You should immediately notify the bankor financial institution that maintains the card account of any unauthorized charges. "

This is not the first time the company experiencing the security breach , in the 2011, Russian hackers hacked into Restaurant Depot database and accessed the credit and debit card details of more than 200,000 customers.

Four Romanians charged with hacking 150 Subway restaurants & 50 Retailers

Four Romanians were charged with hacking into the credit card processing system at more than 150 Subway restaurants and 50 other unnamed retailers, according to an indictment.The hackers steal millions of dollars using the compromised Credit card data of  more than 80,000 customers .

Starting in 2008, these suspects hacked into more than Point of Sale(Pos) systems and installed Keyloggers and other spywares to  steal the customer credit/debit card numbers, also placed backdoors to get unauthorized access to the system.

The hackers used some kind of vulnerability scanner to find the vulnerable POS systems with certain remote desktop software applications installed on them.  After finding the vulnerable system, the break into the system by guessing passwords or using Password Crackers.

After compromising the credit card data, they cloned some credit cards and used them to make illegal purchases , mainly in Europe.  Also they sold the other credit card data.

The indictment, filed in US District Court in New Hampshire, named Adrian-Tiberiu Oprea, 27, Iulian Dolan, 27, Cezar Iulian Butu, 26, and Florin Radu, 23. They were each charged with four counts, including conspiracy to commit computer fraud, wire fraud, and two counts of conspiracy to commit fraud in connection with access device.

Hackers steal credit data: Hackers break into two computer stations of Vacationland Vendors

Hackers breached two computer stations owned by Vacationland Vendors of Wisconsin Dells, placing about 40,000 credit or debit card users at risk of theft.

The computers were at the Wilderness Resorts in Lake Delton and Sevierville, Tenn, where Vacationland Vendors operates the arcades. The company owns and operates 11 arcades and has been in operation 30 years. Vacationland Vendors is one of the Gussel family's businesses, which also include Holiday Wholesale as well as convenience stores and Dunkin Donut franchises.

A notice on the Vacationland Vendors web site says, "Based upon its investigation to date, Vacationland Vendors reasonably believes that a computer hacker improperly acquired credit card and debit information. This incident did not involve an internal security issue within the Wilderness Resort. Vacationland Vendors has learned that other businesses just like its own have been affected by this computer hacker."

Evan N. Zeppos, of the public relations firm, Zeppos & Associates, which is handling publicity about the breach, said the company was alerted to the breach by calls from one or two customers. The breach occurred on March 22.

No other computer systems in the Vacationland Vendors system with credit card information have been breached by hackers, Zeppos said.

Zeppos said when Vacationland learned of the breach, it called in forensic experts to look at the rdata in the system.

"Once we became aware of the breach, we immediately shut down the credit card system and took it offline April 1," Zeppos said.

Since then, the company has upgraded its security on the computer system. "We . . . believe we now have the highest level of security."

Although 40,000 credit or debit card users data was stored, Zeppos said it is believed that fewer than 20 individuals were impacted.

He suggested that anyone who used who used credit or debit cards at one of the affected arcades from Dec. 12, 2008 to May 25, 2011 should check their credit card statements for any unusual activity. Paying close attention to credit and debit card statements is a good thing to do. Saying he does not want to make excuses for the company, he encouraged customers to be diligent and vigilant for illegal use of their cards.

Heidi Fendos, public relations director for Sprecher Bertalot of Milwaukee, which handles public relations for the Wilderness resorts, said customers who used credit or debit cards at the resorts are being asked to carefully check their credit card statements.

"When they made our resort aware of the breach to one of their credit card stations in our Wild West Mega Arcade, we had them immediately cease all credit card activity in their leased area," Fendos said.

"Our resort wants to make it clear that the Wilderness Resort's credit card system was never compromised at any time during this situation with Vacationland Vendors' credit card station," Fendos said.

Vacationland Vendors continues to lease and operate the arcades at Wilderness, but the area is cash-only now. Credit cards are no longer accepted.

Zeppos said Vacationland is trying for broad dissemination of the information about the threat and has information on its web site, www.vactionlandvendors.com about what to do. The site says to do the following:

■ Watch for any unusual activity on your bank statements, credit card account or suspicious items on your bills.

■ Contact any of your credit card issuers, banks or credit unions, and inform them of this incident.

■ Place a fraud alert on your consumer credit file. A fraud alert instructs creditor to watch for unusual or suspicious activity in your accounts, and provides creditors with notice to contact you separately before approving an extension of credit. To place a fraud alert, free of charge, contact one of the three national credit reporting agencies listed below. You do not need to contact all three; rather, the agency that you contact will forward the fraud alert to the other two agencies on your behalf.

The national credit reporting agencies are Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069, 1-800-525-6285, www.equifax.com; Experian, 1-888-397-3742, www.experian.com; and TransUnion, Fraud Victim Assistance Dept, P.O. Box 6790, Fullerton, CA 92834, 1-800-680-7289, www.transunion.com, fvad@transunion.com.

Information about personal identity theft and fraud may be obtained from the Federal Trade Commission at www.consumer.gov.idtheft or by calling 1-877-ID-THEFT

Zeppos said if individuals have additional questions they can send an e-mail to info@vacationlandvendors.com.


Source