The story is more or less recent and was revealed in December 8th District Court for the State of New Hapmshire (USA). they tells how the hackers just teaching a lesson to heavy network of Subway sandwiches since 2008 and how the simple act of paying for the meal with a credit card can easily become a headache of demons.
RĂ¡quers Romania, those vampires rascal, would have gained access to credit card data from the computers point-of-sales network of franchisees of Subway, as well as at least 50 other smaller distributors.
The result? More than $ 3 million in fraud and obamas a festival of complaints to financial operators.
To cause the same hole anywhere else, for those willing to take the stupid risks and profitable, the rattletrap involved is nothing sophisticated. Most software is freely available on the network and for a change, everything will depend much more careless user, the power to leech the crime.
The front door was the fact that many employees do not ran the authentication protocols on each machine from the point of sale, which figured as the main facilitator. In the case of Subway in particular were more than 80,000 victims, until the central system administrator noticed that something was wrong. Evan Schuman and more operators of a credit fraud discovered almost simultaneously.
To begin with, all the action from hackers relied almost two points: remote access to machines running the vulnerable and unwary software point of sale (cash, orders, inventory, etc.) in almost all franchisees of the network. To finish off the obvious, a Trojan horse (XP.exe) was complete logging of all machines and even backdoor was installed they were reconnected to often. A disgrace.
That is, enough to pass the credit card that someone would be waiting on the other side of the "tray". The data were subtracted mass. Whereas the Subway network processes a substantial amount of requests daily from around the country, can you imagine how many employees are already looking for another job while you finish this text.
As usual a scheme so large you can not run for only one person, the data was being sold freely on the Internet through the same fields in the U.S., bought with their own credit cards. One of the indirectly involved, Cezar Iulian Butu, pressed new cards cloned in a house in Belgium and spent the money on gambling at the local shops.
Already a actually a little more recent, announced yesterday, the same industry wholesaler Restaurant Depot had an even greater number of bank cards and dice subtracted: more than 200 000 cards.
A company security audit reported that malware has been installed throughout the system transaction processing credit and debit cards, compromising the data of thousands of enterprise customers from 21 September until 18 November.
The company issued a letter to its customers that the company hired a forensic analysis and that is available to repay all of its customers any expenses caused by his 'failure'.
Symantec estimates that cybercrime an average income of U.S. $ 144 billion per year. To have a basis of comparison, all bank robberies in 2010 amounted to U.S. $ 43 million and the global cocaine market in the world totaled $ 85 billion.
The crime has evolved continuously, but the default user is still innocent.
RĂ¡quers Romania, those vampires rascal, would have gained access to credit card data from the computers point-of-sales network of franchisees of Subway, as well as at least 50 other smaller distributors.
The result? More than $ 3 million in fraud and obamas a festival of complaints to financial operators.
To cause the same hole anywhere else, for those willing to take the stupid risks and profitable, the rattletrap involved is nothing sophisticated. Most software is freely available on the network and for a change, everything will depend much more careless user, the power to leech the crime.
The front door was the fact that many employees do not ran the authentication protocols on each machine from the point of sale, which figured as the main facilitator. In the case of Subway in particular were more than 80,000 victims, until the central system administrator noticed that something was wrong. Evan Schuman and more operators of a credit fraud discovered almost simultaneously.
To begin with, all the action from hackers relied almost two points: remote access to machines running the vulnerable and unwary software point of sale (cash, orders, inventory, etc.) in almost all franchisees of the network. To finish off the obvious, a Trojan horse (XP.exe) was complete logging of all machines and even backdoor was installed they were reconnected to often. A disgrace.
That is, enough to pass the credit card that someone would be waiting on the other side of the "tray". The data were subtracted mass. Whereas the Subway network processes a substantial amount of requests daily from around the country, can you imagine how many employees are already looking for another job while you finish this text.
As usual a scheme so large you can not run for only one person, the data was being sold freely on the Internet through the same fields in the U.S., bought with their own credit cards. One of the indirectly involved, Cezar Iulian Butu, pressed new cards cloned in a house in Belgium and spent the money on gambling at the local shops.
Already a actually a little more recent, announced yesterday, the same industry wholesaler Restaurant Depot had an even greater number of bank cards and dice subtracted: more than 200 000 cards.
A company security audit reported that malware has been installed throughout the system transaction processing credit and debit cards, compromising the data of thousands of enterprise customers from 21 September until 18 November.
The company issued a letter to its customers that the company hired a forensic analysis and that is available to repay all of its customers any expenses caused by his 'failure'.
Symantec estimates that cybercrime an average income of U.S. $ 144 billion per year. To have a basis of comparison, all bank robberies in 2010 amounted to U.S. $ 43 million and the global cocaine market in the world totaled $ 85 billion.
The crime has evolved continuously, but the default user is still innocent.
