Security News

The Liquor Control Board of Ontario, a Canadian government enterprise and the country's largest beverage alcohol retailer, revealed that unknown attackers had breached its website to inject malicious code designed to steal customer and credit card information at check-out.LCBO revealed on Wednesday that third-party forensic investigators found a credit card stealing script that was active on its website for five days.

Sadly, that's long merely in terms of time, not long in terms of technical complexity or the number of links in the chain itself. In the early 2010s, a web analytics company called Cockpit offered a free web marketing and analytics service.

According to a data breach notification shared with the Montana Attorney General's office, See Tickets discovered the breach in April 2021, when they started an investigation with the help of a forensics firm. After engaging with forensic experts and Visa, MasterCard, American Express, and Discover to investigate the incident further, See Tickets concluded on September 12, 2022, that unauthorized parties may have accessed customer credit card information.

Two point-of-sale malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. While a significant proportion of attacks aimed at gathering payment data rely on JavaScript sniffers stealthily inserted on e-commerce websites, PoS malware continues to be an ongoing, if less popular, threat.

Cybercriminals have used two strains of point-of-sale malware to steal the details of more than 167,000 credit cards from payment terminals. The security firm's threat intelligence unit identified the C2 server in April, and determined the operators stole payment info belonging to tens of thousands of credit card holders between February 2021 and September 8, 2022.

Online retailer Zoetop will fork out $1.9 million after account data belonging to 46 million customers was stolen in 2018. About those hashed passwords: "The method Zoetop had used to hash the passwords left them susceptible to password cracking attacks, through which attackers could identify the original, unhashed password," the New York probe found.

A dark web carding market named 'BidenCash' has released a massive dump of 1,221,551 credit cards to promote their marketplace, allowing anyone to download them for free to conduct financial fraud. Carding is the trafficking and use of credit cards stolen through point-of-sale malware, magecart attacks on websites, or information-stealing malware.

Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang. Checkmarx said it discovered 199 rogue packages totaling thousands of installations, with the group operating for over a year with the goal of stealing credit card data as well as user accounts associated with Discord Nitro, gaming, and streaming services.

Security analysts have observed three new versions of Prilex PoS-targeting malware this year, indicating that its authors and operators are back in action. Prilex started as ATM-focused malware in 2014 and it pivoted to PoS devices in 2016.

A massive operation that has reportedly siphoned millions of USD from credit cards since its launch in 2019 has been exposed and is considered responsible for losses for tens of thousands of victims. The site operators, thought to originate from Russia, operate an extensive network of bogus dating and customer support websites and use them to charge credit cards bought on the dark web.