24 Cyber Criminals Arrested

Uploaded on 2016-11-24 in FREE TO VIEW, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

Romanian police arrest 24 members of a card skimming and cloning operation and identify 47 other suspects.

Police searched 18 houses in six Romanian counties and seized electronic devices, computers, mobile phones, equipment used to make card skimming devices and around €50,000 in cash. Europol said the gang had installed skimming devices in several EU member states at automatic bank teller machines and self-service fuel stations to copy the magnetic stripe data from payment cards.

The data gathered was then used to produce cloned payment cards that were used to withdraw cash in non-EU countries, including Nepal, the Philippines, Taiwan and the US, where Chip and PIN technology is not common.

Those arrested are also suspected of establishing or supporting an organised criminal group, illegal software and hardware operations, payment card falsification, fraudulent financial transactions and money laundering.

Europol said the investigation also led to the identification of a further 47 individuals involved in various activities within the criminal group.

Card cloning is rife

Criminal gangs are able to create clones of legitimate payment cards once they have copied all the necessary information from the card.

Card cloning has been suggested as one way the criminals who raided Tesco Bank could have tapped into 9,000 accounts in a short period of time to steal £2.5m. One of the affected Tesco Bank customers told the Mail Online that withdrawals using a card had been made in Brazil.

Obtaining the information by using skimming devices is fairly old school, however, with some gangs in more recent times infecting point-of-sale (POS) systems with malware to steal the card data.

In 2015, for example, Cisco researchers discovered POS malware, dubbed PoSeidon, which was designed to scrape POS devices’ memory for credit card information and exfiltrate that data.

The researchers said the card data can be used to create cloned payment cards, and is typically sold on criminal markets.

Card cloning is particularly rife in countries outside of Europe that have not yet implemented Chip and PIN technology in line with the Europay, MasterCard and Visa (EMV) standard.

In October 2014, then US president Barack Obama issued an executive order aimed at accelerating the adoption of cards that meet the EMV standard.

While EMV is not hack-proof, it provides more security than the magnetic stripe system, with a unique identifier for each transaction and user verification through a PIN code.

Although widely adopted in Europe, where it has been credited with significantly reducing card-present fraud, EMV adoption in the US has been relatively slow.

Computerweekly:    Banks Undermine Chip and PIN Security:

 

« Tesco Could Have Been Facing £2bn Fine After The Bank Hack
Cyber Security Market Is In A People-Power Crisis »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Chertoff Group

Chertoff Group

The Chertoff Group provide security advice and risk management services covering cyber security, insider threat, physical security and asset protection.

Radisys

Radisys

Radisys offers software, products, integrated systems, and professional services for communication service providers and telecom solution vendors.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

Mobile Mentor

Mobile Mentor

Mobile Mentor is an independent provider of enterprise mobility solutions in New Zealand and Australia.

Cryptovision

Cryptovision

Cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau is the national accreditation body for Lithuania. The directory of members provides details of organisations offering certification services for ISO 27001.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

Dell Technologies Capital

Dell Technologies Capital

At Dell Technologies Capital we lead investment in disruptive, early-stage startups in enterprise and cloud infrastructure.

GBT Technologies

GBT Technologies

GBT Technologies is a technology company focused on chip design and software to enable IoT, global mesh networks, and for applications relating to artificial intelligence.

SpecterOps

SpecterOps

SpecterOps has unique insight into the cyber adversary mindset and brings the highest caliber, most experienced resources to assess your organizations defenses.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Everfox

Everfox

Everfox (formerly Forcepoint Federal) has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years.