Posts

High-Level Organizer of Notorious Hacking Group Sentenced to Prison for Scheme that Compromised Tens of Millions of Debit and Credit Cards | OPA


A Ukrainian national was sentenced today in the Western District of Washington to 10 years in prison for his high-level role in the criminal work of the hacking group FIN7.

Fedir Hladyr, 35, served as a manager and systems administrator for FIN7. He was arrested in Dresden, Germany, in 2018, at the request of U.S. law enforcement and was extradited to Seattle, Washington. In September 2019, he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

“The defendant and his conspirators compromised millions of financial accounts and caused over a billion dollars in losses to Americans and costs to the U.S. economy,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “Protecting businesses – both large and small – online is a top priority for the Department of Justice. The department is committed to working with our international partners to hold such cyber criminals accountable, no matter where they reside or how anonymous they think they are.”

“This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still others crafted the malicious emails that duped victims into infecting their company systems,” said Acting U.S. Attorney Tessa M. Gorman of the Western District of Washington. “This defendant worked at the intersection of all these activities and thus bears heavy responsibility for billions in damage caused to companies and individual consumers.”

“These cyber thieves orchestrated an elaborate network of hackers and systems to infiltrate businesses and exploit consumers’ personal information,” said Special Agent in Charge Donald M. Voiret of the FBI’s Seattle Field Office. “Their specialized skills to target certain industries amplified the damage exponentially. Thanks to the hard work of law enforcement partners both in the U.S. and overseas, these fraudsters are not beyond our reach and cannot hide from the law.”

According to documents filed in the case, since at least 2015, members of FIN7 (also referred to as…

Source…

Swiss hacker indicted after claiming credit for breaching Nissan, Intel


By Paresh Dave

(Reuters) – A Swiss computer hacker who has claimed credit for helping steal or distribute proprietary data from Nissan Motor Co, Intel Corp and most recently security camera startup Verkada was indicted on Thursday, U.S. prosecutors announced.

Till Kottmann, 21, remains in Lucerne and has been notified about the pending charges, the U.S. attorney’s office in Seattle said in a statement.

Kottmann did not immediately respond to a request for comment following the announcement of the indictment, which came after midnight in Lucerne.

Over the last year, Kottmann, allegedly working with a group, accessed internal files belonging to at least eight parties, including six unnamed companies, the Washington State Department of Transportation and an undisclosed federal agency, according to the indictment.

“Kottmann, and others, accessed protected computers, including ‘git’ and source code repositories as well as internal infrastructure, through use of stolen access keys, credentials and exploits,” the indictment said.

It added that Kottmann overall hacked dozens of businesses and government agencies and purportedly published leaked data from over 100 entities.

In social media posts and on a website, Kottmann allegedly shared some of the information and took credit for breaches, the document said.

Dates and descriptions in the indictment related to two of the alleged hacks match Kottmann’s past statements about Intel and Nissan.

Intel declined to comment. Nissan and Verkada did not immediately respond to requests for comment.

This month, Kottmann shared with Reuters recordings of live and archived surveillance footage Kottmann obtained from inside a Tesla factory, an Alabama jail and other facilities by gaining access to Verkada’s administrative system.

Prosecutors accused Kottmann of wire fraud, aggravated identity theft and conspiracy to commit computer fraud and abuse.

It was not immediately clear if or when Kottmann would be brought to the U.S. to face charges. Swiss authorities raided Kottmann’s residence last week.

(Reporting by Paresh Dave; additional reporting by Joseph Menn; Editing by Leslie Adler and Michael Perry)

Source…

Hackers hide credit card data from compromised stores in JPG file



Hackers have come up with a sneaky method to steal payment card data from compromised online stores that reduces the suspicious traffic footprint and helps them evade detection.

Instead of sending the card info to a server they control, hackers hide it in a JPG image and store it on the infected website.

Easy data exfiltration

Researchers at website security company Sucuri found the new exfiltration technique when investigating a compromised online shop running version 2 of the open-source Magento e-commerce platform.

These incidents are also known as Magecart attacks and started years ago. Cybercriminals who gain access to an online store through a vulnerability or weakness plant malicious code designed to steal customer card data at checkout.

Sucuri found a PHP file on the compromised website that the hackers had modified to load additional malicious code by creating and calling the getAuthenticates function.

The code also created a JPG image in a public location of the infected store, which would be used to store payment card data from customers in encoded form.

This allowed the attackers to easily download the information as a JPG file without triggering any alarms in the process as it would look as if a visitor simply downloaded an image from the website.

Analyzing the code, the researchers determined that the malicious code used the Magento framework to capture the information from the checkout page delivered through the Customer_ parameter.

If the customer providing the card data was logged in as a user, the code also stole their email address, Sucuri said in a blog post last week.

The researchers say that almost all data submitted on the checkout page is present in the Customer_ parameter, which includes payment card details, phone number, and postal address.

All the information above can be used for credit card fraud either directly by the hackers or by another party purchasing the data, or to deploy more targeted phishing and spam campaigns.

Sucuri says that this method is sufficiently stealthy for website owners to miss when checking for an infection. However, integrity control checks and website monitoring services should be able to detect changes such…
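The kind of integrity check that paragraph refers to can be sketched as follows; this is an added example, not code from Sucuri or the original article. It assumes a trusted baseline of file hashes exists and that the planted file holds encoded text rather than real image data; the file names are hypothetical and the sample contents are constructed.

```python
import hashlib
import os
import tempfile

JPEG_SOI = b"\xff\xd8\xff"  # first three bytes of every JPEG file


def walk_files(root):
    """Yield (relative_path, content) for every file under root."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                yield os.path.relpath(full, root).replace(os.sep, "/"), fh.read()


def snapshot(root):
    """Trusted baseline: relative path -> SHA-256 of the content."""
    return {rel: hashlib.sha256(data).hexdigest() for rel, data in walk_files(root)}


def audit(root, baseline):
    """Diff the tree against the baseline and flag .jpg files that are not JPEGs."""
    files = dict(walk_files(root))
    current = {rel: hashlib.sha256(data).hexdigest() for rel, data in files.items()}
    return {
        "added": sorted(set(current) - set(baseline)),
        "modified": sorted(r for r in current if r in baseline and current[r] != baseline[r]),
        "removed": sorted(set(baseline) - set(current)),
        "fake_images": sorted(r for r, d in files.items()
                              if r.lower().endswith((".jpg", ".jpeg")) and not d.startswith(JPEG_SOI)),
    }


def demo():
    """Constructed site: a PHP file is altered and a text-filled .jpg appears."""
    def put(root, rel, data):
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    with tempfile.TemporaryDirectory() as root:
        put(root, "app/Checkout.php", b"<?php // constructed original\n")
        put(root, "pub/media/logo.jpg", JPEG_SOI + b"\xe0constructed image bytes")
        baseline = snapshot(root)  # taken while the site is known to be clean
        put(root, "app/Checkout.php", b"<?php // constructed, altered\n")
        put(root, "pub/media/banner.jpg", b"Y29uc3RydWN0ZWQgc2FtcGxl\n")
        return audit(root, baseline)
```

The magic-byte test alone misses data appended to a genuine image, which is why the hash comparison against the baseline runs alongside it.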

Source…

What To Do When You Lose Your Credit Card – Forbes Advisor



Nothing quite induces panic quicker than misplacing your wallet or credit card. Immediately, you launch into a necessary to-do list to protect your identity, minimize fraudulent charges and replace missing items.

Thankfully, losing a credit card is often more inconvenient than precarious, but it is still crucial to take these necessary steps.

At a Glance

  • Retrace your steps—Go back to where you last used the card or accessed your wallet.
  • Deactivate Your Card—Once you know that the card is missing, reach out to your credit card provider immediately to lock or deactivate your card.
  • Request a Replacement—A new card will be sent to your billing address.
  • Update Automatic Bill Pay—Update your credit card information for any auto payments you have set to bill to that card.

Retrace your Steps

In a moment of stress it can be easy to miss the obvious first step: Take a moment to go back to where you last used the card to determine if it was simply misplaced.

The mobile app for your credit card may allow you to lock the card while it is out of your control. A locked card will give you a greater sense of calm while you look for it. Once you find the card, keep an eye out for unauthorized transactions that may have occurred while the card was out of your possession.

If you identify any fraudulent charges, contact your card provider immediately.

Deactivate Your Card

If your card is lost or stolen, contact your credit card provider online, by phone or through its mobile app, as quickly as possible. Thankfully, many credit cards offer zero liability to their users, protecting them from unauthorized purchases. If your card provider does not offer this protection, the Fair Credit Billing Act still limits card liability to $50.

Reporting a lost debit card is especially important, as the liability protections are not as strong on debit cards as credit cards. Ideally, you should report the loss before any unauthorized purchase can be made. Otherwise, make sure to report it no more than 2 business days after you learn about the loss or theft.

Assuming you have not also lost your cell phone, you can use it to readily access your account and lock or deactivate your…

Source…