Security News

Payment terminal malware steals $3.3m worth of credit card numbers – so far
2022-10-24 22:11

Cybercriminals have used two strains of point-of-sale malware to steal the details of more than 167,000 credit cards from payment terminals. The security firm's threat intelligence unit identified the C2 server in April, and determined the operators stole payment info belonging to tens of thousands of credit card holders between February 2021 and September 8, 2022.

Alternative payment methods are creating new fraud risks
2022-10-14 03:00

eCommerce fraud to merchants to exceed $48 billion / eCommerce merchants must step up their fraud prevention strategies. A Juniper Research study found that the total cost of eCommerce fraud to merchants will exceed $48 billion globally in 2023, from just over $41 billion in 2022.

New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials
2022-09-27 13:19

Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the compromised machine," cybersecurity firm Kaspersky said in a Monday report.

FBI: Hackers steal millions from healthcare payment processors
2022-09-14 22:54

The Federal Bureau of Investigation has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. Cybercriminals are combining multiple tactics to obtain login credentials of employees at payment processors in the healthcare industry and to modify payment instructions.

Should ransomware payments be banned? A few considerations
2022-08-31 04:30

Several U.S. states have recently moved to ban local and state agencies and organizations funded by taxpayers' dollars from paying off ransomware gangs, and a few more are gearing up to it. In this Help Net Security video interview, Alex Iftimie, Partner at Morrison & Foerster, talks about the possible repercussions of such legislation and, in general, about the evolving nature of ransomware attacks and the current global efforts aimed at fighting the ransomware threats.

How to navigate payment regulations without compromising customer experience
2022-08-25 04:30

As payment fraud increases, global losses are projected to reach $40.62 billion by 2027. Governments and businesses are turning to meaningful customer authentication to crack down on identity theft.

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments
2022-08-18 03:01

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Specifically, the Israeli cybersecurity firm discovered that a trusted app on a Xiaomi device can be downgraded due to a lack of version control, enabling an attacker to replace a newer, secure version of an app with an older, vulnerable variant.

Xiaomi Phone Bug Allowed Payment Forgery
2022-08-16 12:26

Smartphone maker Xiaomi, the world's number three phone maker behind Apple and Samsung, reported it has patched a high-severity flaw in its "Trusted environment" used to store payment data that opened some of its handsets to attack. Researchers at Check Point Research revealed last week in a report released at DEF CON that the Xiaomi smartphone flaw could have allowed hackers to hijack the mobile payment system and disable it or create and sign their own forged transactions.

Xiaomi phones with MediaTek chips vulnerable to forged payments
2022-08-12 10:00

Security analysts have found security issues in the payment system present on Xiaomi smartphones that rely on MediaTek chips providing the trusted execution environment that is responsible for signing transactions. Considering how common mobile payments and Xiaomi phones are, especially in Asian markets, the money pool hackers could tap into is estimated to be in the billions of U.S. dollars.

Could criminalizing ransomware payments put a stop to the current crime wave?
2022-08-08 05:00

In this Help Net Security video, Charl van der Walt, Head of Security Research, Orange Cyberdefense, discusses whether criminalizing ransomware payments could quell the current crime wave by...