IEEE Computer Society Newsfeed

Subscribe RSS

« Back

US Authorities Charge Hackers in Huge, High Profile Attacks

US authorities have charged four Russians and a Ukrainian in connection with an extensive, eight-year hacking operation in which they allegedly stole 160 million credit-card numbers and sold them on the black market. The network’s targets included numerous high-profile payment processors, retailers, and financial institutions including the 7-Eleven convenience-store company, Dow Jones, the Hannaford Bros. supermarket chain, the J.C. Penney department stores, and Visa Jordan Card Services, a licensee of the Visa credit-card company in the country of Jordan. Hackers initially penetrated the networks via SQL injection attacks and then added a backdoor to enable easy ongoing access. They stole usernames, passwords, other types of personal identification used for verification, credit-card numbers, and debit-card information. The hackers sold the data to identity-theft wholesalers for $10 per US credit card and associated data; $15 per Canadian credit card and associated data; and $50 per European credit card and associated data. The wholesalers put the information onto blank credit or debit cards that could be used to withdraw money or make purchases. Authorities indicted the suspects on charges including conspiracy to gain unauthorized access to computers, conspiracy to commit wire fraud, and wire fraud. Two were arrested in the Netherlands and have been extradited to the US, but the other three are at large. (SlashDot)(SecurityWeek)(The New York Times)

Trackback URL: