24 Cyber Criminals Arrested

Uploaded on 2016-11-24 in FREE TO VIEW, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

Romanian police arrest 24 members of a card skimming and cloning operation and identify 47 other suspects.

Police searched 18 houses in six Romanian counties and seized electronic devices, computers, mobile phones, equipment used to make card skimming devices and around €50,000 in cash. Europol said the gang had installed skimming devices in several EU member states at automatic bank teller machines and self-service fuel stations to copy the magnetic stripe data from payment cards.

The data gathered was then used to produce cloned payment cards that were used to withdraw cash in non-EU countries, including Nepal, the Philippines, Taiwan and the US, where Chip and PIN technology is not common.

Those arrested are also suspected of establishing or supporting an organised criminal group, illegal software and hardware operations, payment card falsification, fraudulent financial transactions and money laundering.

Europol said the investigation also led to the identification of a further 47 individuals involved in various activities within the criminal group.

Card cloning is rife

Criminal gangs are able to create clones of legitimate payment cards once they have copied all the necessary information from the card.

Card cloning has been suggested as one way the criminals who raided Tesco Bank could have tapped into 9,000 accounts in a short period of time to steal £2.5m. One of the affected Tesco Bank customers told the Mail Online that withdrawals using a card had been made in Brazil.

Obtaining the information by using skimming devices is fairly old school, however, with some gangs in more recent times infecting point-of-sale (POS) systems with malware to steal the card data.

In 2015, for example, Cisco researchers discovered POS malware, dubbed PoSeidon, which was designed to scrape POS devices’ memory for credit card information and exfiltrate that data.

The researchers said the card data can be used to create cloned payment cards, and is typically sold on criminal markets.

Card cloning is particularly rife in countries outside of Europe that have not yet implemented Chip and PIN technology in line with the Europay, MasterCard and Visa (EMV) standard.

In October 2014, then US president Barack Obama issued an executive order aimed at accelerating the adoption of cards that meet the EMV standard.

While EMV is not hack-proof, it provides more security than the magnetic stripe system, with a unique identifier for each transaction and user verification through a PIN code.

Although widely adopted in Europe, where it has been credited with significantly reducing card-present fraud, EMV adoption in the US has been relatively slow.

Computerweekly:    Banks Undermine Chip and PIN Security:

 

« Tesco Could Have Been Facing £2bn Fine After The Bank Hack
Cyber Security Market Is In A People-Power Crisis »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Igloo Security

Igloo Security

Igloo Security is a leader and pioneer in SIEM (Security Information & Event Management), PSIM (Physical Security Information Management) and MSS (Managed Security Services).

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

Smile Identity

Smile Identity

Smile Identity helps businesses confirm the true identity of their users in real-time using any smartphone or computer.

Sentar

Sentar

Sentar is a cyber intelligence company, applying advanced analytics and systems engineering expertise to protect our national security by securing mission-critical assets.

Securin

Securin

Securin offers a comprehensive portfolio of solutions including Attack Surface Management, Vulnerability Intelligence, Penetration Testing, and Vulnerability Management.

Manifest

Manifest

Manifest is a cybersecurity company dedicated to helping enterprises secure their software supply chains.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.

Computer Futures

Computer Futures

Computer Futures are a global specialist IT recruitment partner, matching candidates with roles across niche IT markets and core technologies.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.