A group of hackers known as “keepers” set up a networked network to steal credit card information (TDC) from more than 570 e-commerce sites. Almost $ 7 million in cryptocurrency earnings have been credited since 2017, selling the information of the stolen cards over the dark internet.
According to a study conducted by the threat intelligence agency on July 7, Gemini Advisory, the group of hackers, managed to create 64 attack domains and 73 exfiltration domains. These domains were used to obtain the credit card details used on numerous e-commerce websites in approximately 55 countries.
The malicious domains displayed a login window that was identical to that of any e-commerce website. How to insert the malware user data to find the credit card data.
Over 184,000 credit cards compromised
The most affected countries are the United States, the United Kingdom and the Netherlands.
The report describes this Around 184,000 cards were compromised in Keeper’s attacks between July 2018 and April 2019. The exact amount of stolen credit card information is unknown. At the time of printing The group of hackers continues their secret activities.
Ameet Naik, security expert at PerimeterX cybersecurity company, told Cointelegraph:
“Credit card fraud (skimming) and attacks on e-commerce websites (Magecart) are a lucrative business for hackers to make profitable profits. Large companies like this can still compromise hundreds of thousands of cards. Companies should keep an eye on these attacks by: block their infrastructure whenever possible using strong multi-factor authentication and application protection solutions, even if they are not aimed at large, high-traffic businesses on the client side, which can detect and stop such attacks in real time. “
Gemini claims that given the Dark Web average price of $ 10 for each committed non-existent card transaction (CNP), the group has raised over $ 7 million in cryptocurrency from the Dark Web sale of the stolen data. There are no details on which cryptocurrencies have been accepted as a payment method.
The group is still active
The researchers warn that keeper not only remains active, but also improves and innovates its attack techniques and methods.
The investigation of the cyber security company, The Cyble Research Team announced that on May 29, data from more than 80,000 credit cards was available for sale on the dark internet. The data on these maps appear to have been collected from different countries around the world.
Cointelegraph reported in 2019 that Financial fraudsters sell credit card details for only 10 or 12 cents to buyers who are ready to provide a prepaid Bitcoin (BTC) rate, black, according to the new market report for the third quarter of 2019, published by the Armor Threat Resistance Unit.