A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Criminals continue to target ATMs with black boxes to run cash-out attacks and use explosives to get cash out of machines. But during the pandemic, most other types of attacks used to target ATMs, payment terminals and point-of-sale devices sharply declined, a new European study shows.
Older ATMs across Latin America are being struck by a new version of "jackpotting" malware, which can cause the machines to dispense cash. The malware, called Ploutus, can cause ATMs made by Itautec, a Brazilian company, to discharge up to $1,700.
The combination of governmental financial support driven by “high unemployment, business insolvency, and disruptions in global
trade patterns” + increased online and remote banking has led to a spike in
Heightened risks made it harder to comply with requirements to combat financing terrorism...
Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.
Despite the shift to e-commerce during the pandemic, attacks against POS devices persist. For example, Visa's payment fraud disruption team uncovered recent malware attacks on POS devices used by two North American hospitality companies.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Diebold Nixdorf and NCR have issued patches for ATM software vulnerabilities that could enable a hacker with physical access to the devices to commit deposit forgery, according to the Carnegie Mellon University CERT Coordination Center.
Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash from its machines in several European countries. What makes these attacks unusual?
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
Faster payments are the new reality in more than 40 countries, and this innovation is benefiting consumers and businesses alike. Criminals are also enjoying the speed and non-refutable nature of these transfers, and in many deployments faster payments quickly translates to faster fraud.
This does not have to be the...
Starting Jan. 1, State Bank of India will no longer accept magnetic stripe debit card transactions and will accept only EMV chip-based cards in compliance with an RBI mandate, which is designed to help prevent card fraud, including skimming and cloning.
The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards, almost all of which appear to have been issued by Indian banks, reports threat intelligence firm Group-IB.