Security Affairs
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hacker infected pumps at gas-stations in Russia in a profitable fraud scheme

Authorities discovered a fraudulent scheme involving dozens of gas-station employees who installed malicious programs on electronic gas pumps to cheat customers Russian law enforcement investigated fraudulent activities involving gas-station payment systems. Authorities discovered a fraudulent scheme involving dozens of gas-station employees who installed malicious programs on electronic gas pumps to trick customers into paying for more […]

Hacker infected pumps at gas-stations in Russia in a profitable fraud scheme

Authorities discovered a fraudulent scheme involving dozens of gas-station employees who installed malicious programs on electronic gas pumps to cheat customers

Russian law enforcement investigated fraudulent activities involving gas-station payment systems.

Authorities discovered a fraudulent scheme involving dozens of gas-station employees who installed malicious programs on electronic gas pumps to trick customers into paying for more fuel than they pumped into their vehicles.

The software allows gas-station employees to deliver between 3 to 7 percent less per gallon of pumped gas.

The scam shorted customers between 3-to-7 percent per gallon of gas pumped.

“At dozens of gas stations owned by the largest oil companies, FSB officers identified malicious computer programs, thanks to which the owners of cars quietly missed the fuel. At times, “underweight” was up to 7% of the amount of gasoline that was being refueled into the tank. Identify the virus was almost impossible. Their creator and distributor was detained.” reported media outlet Rosbalt.

On Saturday, Russian Federal Security Service (FSB) arrested the hacker Denis Zayev. The man was charged with the creation of several programs designed for such kind of frauds.

Authorities revealed that the programs were found only on gas stations in the south of the country.

According to the authorities, the man was selling the software to gas-station employees. involved in the fraud scheme. Zayev was sharing profits with gas-station employees, it has been estimated that the fraud allowed the hacker and employees to earn “hundreds of millions of rubles.”

The malicious software was undetectable by inspectors and oil companies that monitor gasoline inventory remotely.

“At dozens of gas stations, malicious programs were discovered, which made it unnoticeable for customers to undercharge fuel when refueling their cars. “A giant scam covered almost the entire south of Russia,” viruses “were found in dozens of gas stations in the Stavropol Territory, Adygea, Krasnodar Territory, Kalmykia, several republics of the North Caucasus, etc.” continues the Rosbalt.”A whole network was built to steal fuel from ordinary citizens – they did not bear any financial loss, “the source said. “

Zaiev’s software was very sophisticated programs that were injected both into the software of the pumps and into the cash register to modify records.

The Rosbalt provided details about the way the programs worked. Every morning, gas-station employees left one of the reservoirs empty (for example, under the guise of maintenance). When a customer made a purchase, the software automatically undercharged him from 3% to 7% of the amount of gasoline purchased. The meter on the column was instructed to display the clients to show that the entire volume of paid fuel was poured into the tank. The stolen gasoline was automatically sent to the tank left empty. The malware virus erased any track of this operation.

The fuel was collected in the tank to be sold later by scammers that shared the profits of the sale.

Vulnerabilities and cyber attacks involving systems at gas-stations are not a novelty.

In January 2014,  a criminal organization hit gas station ATMs located in South America. The gang used Bluetooth-enabled skimmers to steal 2 million dollars from customers.

Early 2015, experts at Rapid7 revealed that more than 5000 Automated tank gauges (ATGs) used to prevent fuel leaks at gas stations in US were vulnerable to remote cyber attacks.

gas-stations

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – fraud, gas-station)

[adrotate banner=”5″]

[adrotate banner=”13″]