A group of hackers known as „Keepers“ established an interconnected network to steal credit card data (TDC) from over 570 e-commerce sites. Since 2017, they have made nearly $7 million in profits in crypto-currencies, selling stolen card information over the dark web.
Twitter users can now send crypto currencies with Torus
According to a July 7 study by the threat intelligence firm, Gemini Advisory, the group of hackers managed to create 64 attack domains and 73 exfiltration domains. These domains were used to obtain credit card data used on numerous e-commerce sites in approximately 55 countries.
The malicious domains displayed a login panel identical to that of each e-commerce site. This inserted the payload of the malware to find the credit card data.
Over 184,000 credit cards compromised
The countries most affected are the United States, the United Kingdom and the Netherlands.
Brock Pierce launches himself at the last minute as a candidate for the presidency of the United States
The report details that some 184,000 cards were compromised during the attacks perpetrated by Keeper between July 2018 and April 2019. The exact amount of stolen credit card data is unknown. As we go to press, the group of hackers still continues its clandestine activities.
Ameet Naik, a security expert from the cyber security company, PerimeterX, told Cointelegraph:
„Credit card fraud (Skimming) and attacks on e-commerce sites (Magecart) are a lucrative business for hackers to generate abundant profits. Large-scale operations like these can still compromise hundreds of thousands of credit cards, even though they do not target major high-traffic stores. Companies must remain vigilant to these attacks by locking down their infrastructure, using strong multi-factor authentication whenever possible, and leveraging customer-side application protection solutions that can detect and stop such attacks in real time.
Gemini claims that, given the average price of the dark web is USD 10 for each uncommitted card transaction, or CNP, the group accumulated more than USD 7 million in crypto currencies from the sale of stolen data on the dark web. There are no details on which crypto currencies were accepted as a method of payment.
The group is still active
Researchers warn that Keeper is not only remaining active, but is also improving and innovating its techniques and methods of attack.
Research by cybersecurity firm Cyble Research Team revealed that on May 29, more than 80,000 credit card details were put up for sale on the dark web. The data on these cards appears to have been collected from several countries around the world.
A new SEC-registered, Treasury-based digital security begins trading
Cointelegraph reported in 2019 that financial fraudsters are selling credit card data for as little as 10 or 12 cents to buyers who are willing to provide a prepaid rate at Bitcoin (BTC), all according to the new Q3 2019 Black Market Report, published by Armor’s threat resistance unit.