#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Card Skimming | Breaking Cybersecurity News | The Hacker News

Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps

Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps
Aug 16, 2019
In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers' credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding credit card skimmers, including: Gas pump skimmer found at a 7-Eleven in Pinellas County Credit card skimmer found at West Palm Beach gas station Credit Card Skimmer Found at Gas Station in Sunnyvale Several Gas Pump Credit Card Skimmers Found at Bay Area Stations Gas pump credit card skimmers found at Boerne stations Credit card skimmers target Anthem Circle K For those unaware, Bluetooth credit card skimmer is a tiny sneaky device designed to stealthily capture payment card information, like credit card holder's card number, expiration date and the full name, which nearby thieves then retrieve wirelessly over a Bluetooth connection. Since these devices have been des

Hackers infect e-commerce sites by compromising their advertising partner

Hackers infect e-commerce sites by compromising their advertising partner
Jan 16, 2019
Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recently successfully compromised nearly 277 e-commerce websites by using supply-chain attacks. Magecart is the same group of digital credit card skimmers which made headlines last year for carrying out attacks against some big businesses including Ticketmaster , British Airways , and Newegg . Typically, the Magecart hackers compromise e-commerce sites and insert malicious JavaScript code into their checkout pages that silently captures payment information of customers making purchasing on the sites and then send it to the attacker's remote server. However, the researchers from the two firms today revealed that instead of directly compromising targeted websites, the Magecart G

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Researcher spots an ATM Skimmer while on vacation in Vienna

Researcher spots an ATM Skimmer while on vacation in Vienna
Jun 26, 2016
We have heard a lot about ATM skimmers, but it's nearly impossible to spot one. Some skimmers are designed to look exactly like the card slot on the original machine and attached to the front, and others are completely hidden inside the ATM. But, during his vacation in Vienna, Austria, cyber security expert Benjamin Tedesco spotted an ATM skimmer that was totally unrecognizable. Tedesco was hanging out in Vienna and when about to draw some cash from a cash machine outside St. Stephen's Cathedral, he decided to do a quick visual inspection of the ATM machine and surprisingly spotted the dodgy device attached to it. Warning: Beware of Skimming Devices Installed on the ATM Vestibule Doors . That was a credit card skimmer – a perfect replica of the actual card reader that was designed to steal credit card information of users when they swipe their card to take off cash from the ATM. "Being security paranoid, I repeated my typical habit of checking the card read

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Hacker Finds How Easy Is to Steal Money Using Square Credit-Card Reader

Hacker Finds How Easy Is to Steal Money Using Square Credit-Card Reader
Aug 04, 2015
Next time just be careful while swiping your credit card at small retailers or trendy stores that use Square Reader to accept credit card payments. The increasingly popular and widely used Square Reader can be easily turned into a skimming device that can be used to steal your credit card data, a group of researchers warned. Square Reader is a tiny device that allows small retailers to easily accept credit and debit card payments without having to spend the money on the traditional point of sale systems. However, despite its convenience, this cheap and easy-to-use alternative has a critical flaw that could allow anyone to easily steal your payment card information. All an attacker need is a screwdriver, superglue, and roughly 10 minutes to turn the latest generation Square Reader into a tiny, portable card skimmer . Converting a New Generation Square Reader into a Card Skimmer? A team of three security researchers from Boston University has discovered a w

Fraudsters Physically Deploy Malicious Software to Hack ATMs

Fraudsters Physically Deploy Malicious Software to Hack ATMs
May 31, 2014
Criminals will not let any way to cheat an ATM machine out of its cash, as it's one of the easiest way for them to get the hands on cash. ATM skimmers have now discovered a new and high-tech approach to target cash machines directly by inserting a physical notorious device into it instead. According to the Chinese press , two Ukrainian men arrested in Macau for reportedly planting the malicious software program in the seven Macau bank ATMs. This could came out as the quickest method to hack the cash machines. HACKING ATM MACHINES The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus. According to the authorities, the men allegedly used a green object device ( as shown in the image ) to carry out the money fraud. They first connected the device to a laptop and then inserted

Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store

Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store
Oct 14, 2013
Three men allegedly installed Credit Card Skimming keylogger at into cash registers in a Nordstrom department store in the Florida. Those Keyloggers were connected via a keyboard cord between the keyboard and the computer to intercept the information transmitted between the two devices and Furthermore, the gang used the connectors designed to resemble common PS2 cables. Krebs has indicated  on his blog that such keyloggers can be easily obtained online for about $40 only. Placing such a devices would have allowed criminals access to data for anyone applying for a Nordstrom credit card , plus any numbers typed in via the keyboard.  In order to collect the captured data, criminals have to return back after few days to collect the keylogger from store. But at this time it is unknown if the men ever returned to the store in order to retrieve the keyloggers and Nordstrom are unaware of any arrests being made. An alert circulated by the police department in Avent
Cybersecurity Resources