International Operation Discovers Over 400 Online Merchants Infected with Skimmers

In a recent coordinated international operation led by Greece, law enforcement authorities from 17 countries have unearthed a startling revelation: more than 400 online merchants have been infected with digital skimmers. These malicious tools, also known as malware, are covertly injected into legitimate websites with the intent to pilfer personal and card information from unsuspecting customers. This discovery highlights the persistent threat posed by cybercriminals and the ongoing battle to safeguard online transactions.

Coordinated International Operation

As part of the operation, authorities diligently went through an exhaustive process to identify and notify more than 400 online merchants about their skimmer infections. This concerted effort aims to raise awareness among merchants and users alike, enabling them to take necessary steps to mitigate the risks associated with these insidious cyber attacks.

Identification of New Digital Skimmers

The operation also yielded valuable results, leading to the identification of two dozen new digital skimmers. These skimmers, categorized as distinct malware families, add to the ever-growing arsenal used by cybercriminals to prey upon unsuspecting victims. Each new discovery brings added urgency to the fight against digital skimming, necessitating ongoing collaboration between law enforcement authorities and cybersecurity experts.

Understanding Digital Skimmers

Digital skimmers are sophisticated pieces of malware that infiltrate legitimate websites, clandestinely siphoning off sensitive personal and payment card information from customers. These malware families are embedded within the website’s code, often evading detection by traditional security measures. Once activated, they silently collect the user’s data, exposing them to identity theft and financial fraud.

Number of Known Digital Skimmer Families

According to cybersecurity firm Group-IB, there are currently 132 known digital skimmer families. This staggering number highlights the evolving complexity and diversity of these malicious tools, underscoring the pressing need for continued research and proactive defense mechanisms to counteract their proliferation.

Specific Skimmers Identified in the Operation

The international operation enabled authorities to identify specific skimmers that are actively used by cybercriminals. Among these are AngryBeaver, ATMZOW, FirstKiss, FakeGA, health_check, Inter, and R3nin. Each skimmer represents a unique method employed by cybercriminals to exploit vulnerabilities and extract sensitive data from infected websites.

The process of digital skimming operates by surreptitiously extracting credit card or payment information when customers engage in online purchases from compromised websites. Unbeknownst to the users, their data is silently intercepted during the payment process, providing cybercriminals with ample opportunities for illicit financial gain.

The Stealthiness of Digital Skimming

One of the most concerning aspects of digital skimming is its ability to go undetected for extended periods. Due to the stealthy nature of this malware, merchants and users may remain unaware of the compromise until significant damage has been done. Stolen payment card data is usually sold on underground marketplaces or exploited by fraudsters for unauthorized transactions, resulting in severe financial loss and personal distress.

Validation of Stolen Credit Card Data

To ensure the viability and profitability of their illicit operations, cybercriminals employ illegal services that validate the authenticity and usability of stolen credit card data. This additional layer of verification enables them to filter out non-working cards and focus their fraudulent activities on legitimate accounts, further compounding the challenges faced by law enforcement agencies combating cybercrime.

Recent Indictment of a Russian National

Highlighting the impact of these illicit services, authorities in the United States recently charged a Russian national for operating a service specifically designed to verify the validity of stolen credit card data. Encompassing a vast network, it is estimated that this service checked millions of cards annually. This case underscores the international nature of cybercrime and the need for global cooperation to bring offenders to justice.

The discovery of over 400 infected online merchants through the international operation serves as a stark reminder of the persistent threats posed by digital skimming. While law enforcement authorities and cybersecurity experts engage in an ongoing battle against these malware families, the protection of online transactions remains paramount. Continuous collaboration, increased awareness among merchants and customers, and the implementation of robust security measures are vital in safeguarding against the ever-evolving techniques employed by cybercriminals. Only through joint efforts can we fortify the digital landscape and foster secure online transactions for all.

Explore more

Can Jamf Beacon Bridge the Mac Security Expertise Gap?

The rapid proliferation of Apple hardware across enterprise networks has created a distinct disparity between the aesthetic preference of employees and the technical readiness of the security teams responsible for protecting them. As organizations increasingly integrate these devices into high-stakes workflows, the lack of specialized macOS knowledge within traditional IT departments becomes a glaring vulnerability. Jamf Beacon emerges as a

Aflac Japan Data Breach Impacts 4.4 Million Customers

Dominic Jainy is a veteran in the tech space, navigating the complex intersection of cybersecurity and artificial intelligence. With years of experience protecting high-stakes data through machine learning and blockchain, he offers a unique vantage point on why even the biggest insurance titans remain vulnerable to sophisticated extortion groups. Today, we delve into the recent security catastrophe at Aflac Japan,

Power Availability Dictates EMEA Data Center Growth

The unrelenting expansion of high-performance computing and artificial intelligence workloads across the European, Middle Eastern, and African markets has transformed energy procurement into the primary competitive differentiator for infrastructure developers today. While geographic proximity to end-users remains a relevant factor, the sheer scale of current deployments necessitates a pivot toward regions where the electrical grid can support multi-hundred megawatt campuses

How Does ARToken Bypass Microsoft 365 MFA?

A typical office worker receives a routine notification from what appears to be a legitimate SharePoint site, asking for a quick verification code to view a shared document. This seemingly harmless request arrives as an alphanumeric code on a professional Microsoft page, inviting the user to “verify” an identity. Because the interaction occurs entirely within official Microsoft domains, the employee

Is Your Oracle EBS Data Safe From Active Cyber Attacks?

Introduction Enterprise resource planning systems serve as the digital backbone of global commerce, yet hundreds of these critical platforms currently sit exposed to predatory actors on the open internet. Recent data reveals that nearly 950 Oracle E-Business Suite instances are directly reachable via the web, bypassing traditional security perimeters. This exposure coincides with the active exploitation of vulnerabilities that grant