December 3, 2012 – A joint international criminal investigation has resulted in seven people being charged in Romania for the largest credit card data theft in Australia’s history. The criminal syndicate had access to 500,000 Australian credit cards and approximately 30,000 credit cards have been used for fraudulent transactions amounting to more than $30 million.
The gang exploited loopholes in POS terminal security at 100 small businesses across Australia, recording card details to create counterfeit cards that were used in numerous overseas locations including Europe, Hong Kong, Australia and the United States. Australian Federal Police (AFP) manager for cyber crime operations, commander Glen McEwen says the arrests are the result of significant cooperation across law enforcement and the financial industry.
„This is the largest data breach investigation ever undertaken by Australian law enforcement,” he says. „Without the cooperation of 13 other countries, along with Australia’s banking and finance sector, we would not have been able to track these illegal transactions to the criminal network in Romania. Today’s successful outcome is a culmination of 17 months of hard work with these partners.”
Sursa: finextra.com
Update
DIICOT confirma ca operatiunile frauduloase ale romanilor sunt de peste 25 mil. USD
Procurorii Directiei de Investigare a Infractiunilor de Criminalitate Organizată si Terorism – Structura Centrala, impreuna cu ofiteri de politie judiciara din cadrul D.C.C.O. – S.C.C.I., au procedat la destructurarea unui grup infractional organizat, constituit din 16 persoane, specializat in savarsirea de infractiuni informatice – potrivit comunicatului de presa de la sfarsitul lunii trecute.
Invinuitii au utilizat mai multe societati comerciale, avand ca obiect de activitate furnizarea unor servicii IT, pentru crearea si intretinerea unei infrastructuri informatice care sa permita accesul fara drept, cu incalcarea masurilor de securitate si cu scopul obtinerii de date informatice, in sistemele informatice apartinand unor companii straine cunoscute, de tip benzinarii sau magazine alimentare.
Membrii gruparii actionau in vederea interceptăaii fara drept a transmisiilor de date informatice nepublice intre sistemele implicate in realizarea/autentificarea platilor cu carti de credit, cu ajutorul unor aplicatii special concepute in acest sens, instalate fara drept pe sistemele informatice vizate.
Conform instructiunilor aplicatiei de interceptare, datele de identificare ale instrumentelor de plata electronice (carti de credit) capturate fie se salvau local si ulterior erau transferate, fie se retransmiteau automat pe servere dedicate sau in conturi de email, de unde erau ulterior descarcate in scopul transmiterii/vanzarii catre alte persoane ori in vederea contrafacerii si utilizarii frauduloase a acestora.
Cu titlu de exemplu, in perioada decembrie 2011 – octombrie 2012 prin intermediul unui ”magazin” virtual specializat s-au vandut un numar de 68.000 carduri pentru pretul de 4 USD/card, invinuitii obtinand un profit de 270.000 USD. Urmare a activitatii infractionale desfasurate de catre invinuiti au fost efectuate operatiuni frauduloase cu un numar de 500.000 de instrumente de plata electronica, totalizand o valoare de peste 25 milioane USD.
Banking 4.0 – „how was the experience for you”
„So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”
Many more interesting quotes in the video below: