U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Authorities arrest 3 Indonesian hackers behind many Magecart attacks

The Indonesian National Police and the Interpol announced the arrest of three Indonesian hackers who carried out Magecart attacks. The Indonesian National Police in a joint press conference with Interpol announced the result of an investigation dubbed ‘Operation Night Fury’ that allowed to arrest three hackers that carried out Magecart attacks to steal payment card data. The […]

op night fury Magecart attacks

The Indonesian National Police and the Interpol announced the arrest of three Indonesian hackers who carried out Magecart attacks.

The Indonesian National Police in a joint press conference with Interpol announced the result of an investigation dubbed ‘Operation Night Fury’ that allowed to arrest three hackers that carried out Magecart attacks to steal payment card data.

The three hackers had compromised hundreds of e-commerce websites worldwide.

The Operation Night Fury was led by Interpol’s ASEAN Cyber Capability Desk, a joint initiative to drive intelligence-led and coordinated actions against cybercrime in ASEAN through the implementation of a harmonized regional coordination framework.

The three hackers were arrested in December in Jakarta and Yogyakarta and charged with data theft, fraud, and unauthorized access to computer systems. The men face up to 10 years in prison under article 363 of the Indonesian Criminal Code.

According to the authorities, the hackers had compromised at least 12 e-commerce websites, but the trio may be involved in a larger number of attacks.

Researchers from Sanguine Security have tracked the activity of this group for several years and believe they have compromised than 571 e-commerce stores.

The attribution of the 571 attacks to this specific group is based on an odd message that was left in all of the skimming code they used:

“Success gan !translates to “Success bro” in Indonesian.

According to the authorities, the suspects used stolen credit cards to buy electronic goods and other luxury items, and then resell on local e-commerce websites in Indonesia.

“The modus operandi of the suspect is to infect hundreds of e-commerce originating from various countries in the world, after getting the results in the form of thousands of payment data used for shopping payments in e-commerce, the suspects use the stolen data to spend electronic goods and other luxury goods.” reads the press release published by the police.

“The suspects also tried to resell the goods after they received from the shipper online and through e-commerce in Indonesia at a relatively cheap price or below the market price, evidence secured by Dittipidsiber 1 laptop, 5 mobile phones of various brands, 1 unit CPU, 3 pieces of KTP on behalf of the perpetrators, 1 BCA token, and 2 ATM cards. Of the 500 data losses, the perpetrators made a profit of 300-400 million.”

According to the experts from Sanguine Security, this group is responsible only for 1% of overall attacks carried out by groups under the Magecart umbrella, this means that many other hackers are ready to attack e-commerce sites worldwide.

“This group had a serious impact on global ecommerce security in recent years, by skimming at least 571 hacked stores.” concluded the experts. “However, they were responsible for just 1% of all Magecart incidents since 2018 and should be considered small catch. Sanguine Security estimates that there are yet another 40 to 50 more sophisticated individuals involved in web-skimming activity.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Magecart, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]