iMyFone LockWiper

iMyFone LockWiper

Helps you bypass the iPhone passcode in case you forgot it and the device became unusable or you have to wait for a long time before attempting to unlock it again

FULL VERSION + CRACK
Flvto Youtube Downloader

Flvto Youtube Downloader

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

FULL VERSION + CRACK
Voicemod

Voicemod

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

FULL VERSION + CRACK
Dolby Access

Dolby Access

Take advantage of stunning sound quality and realism in your multimedia experiences, with sound that surrounds you with the help of this app that gives you a free trial of Dolby Atmos.

FULL VERSION + CRACK
Logic Pro X

Logic Pro X

A fully-featured recoding studio that provides a complete set of tools for musicians who need to write, record, edit and mix music

FULL VERSION + CRACK

IT News

Feb 19
Vulnerabilities in unvalidated peripheral firmware such as WiFi adapters, cameras, and network interface controllers give attackers control over systems.
Feb 19
Creating an immutable ledger to track metadata associated with published content shows promise as a method for identifying authentic news.
Feb 18
IT admins who signed up for Windows 7 post-retirement support found out there's a new prerequisite that has to be installed before they can download patches they've already paid for.
Feb 17
Command-line interface to the code hosting platform can be used for issues and pull requests
Feb 15
Employers that rely on foreign national talent face new electronic filing system and modified registration timeline for FY 2021 filing period.
Feb 14
Arista confirmed what had been rumored for the past few weeks, that it has acquired software-defined networking/cloud software vendor Big Switch Networks for an undisclosed amount.
Feb 14
The flaws could let a hacker alter, stop or expose how a person has voted.

Categories

Magecart-related arrests made in Indonesia

Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger multi-national law enforcement investigation that continues in other countries from the Southeast Asia region.

The three suspects, aged 23, 27, and 35, are accused of using the payment card details they stole to purchase electronic and luxury items and then selling them for a profit. They are facing prison sentences of up to 10 years.

INTERPOL refers to the malware used by the group as a JavaScript sniffer, but this is more commonly known in the security industry as a web skimmer. It consists of a malicious piece of JavaScript code that is inserted into a website -- typically in its checkout pages -- and is designed to steal the personal and payment information entered by customers.

The most notorious of these web skimmers is called Magecart and has been used in a large number of attacks over the past few years, including against very high-profile brands. Magecart is used by over a dozen groups of hackers whose campaigns range from basic to very sophisticated and from widespread to highly targeted. In some of the more stealthy attacks the code is customized to work only with the victim's website.

Russian cybersecurity firm Group-IB, who worked with INTERPOL and the Indonesian Police on this investigation, tracks the sniffer used as GetBilling, but according to another company called Sanguine Security, it is part of the Magecart family.

"Sanguine Security has been tracking the activity of this group for several years and has identified not 12 but 571 hacks by the same individuals," the company said in a blog post following the arrests announcement. "These hacks could be attributed because of an odd message that was left in all of the skimming code: 'Success gan !' [which] translates to 'Success bro' in Indonesian and has been present for years on all of their skimming infrastructure."

Operation Night Fury investigation is ongoing

The three suspects were actually apprehended in December, but their arrest was not initially made public. That might be because of the larger law-enforcement effort dubbed Operation Night Fury that's underway and is looking at additional attacks in the region.

In fact, according to Sanguine, new attacks with the same code have been observed since December and at least 27 online stores are currently infected. This means other members of the group could still be at large.

Group-IB, which has been tracking GetBilling attacks since 2018, has identified almost 200 infected websites in Indonesia, Australia, Europe, the United States, South America and other regions. In addition to physical goods, the group was also using stolen credit cards to pay for hosting services and new domains that they used in their attacks. Some of that infrastructure was hosted in Indonesia, but they always used VPN services to interact with it.

"According to Group-IB's annual 2019 threat report, the number of compromised cards uploaded to underground forums increased from 27.1 million to 43.8 million in H2 2108-H1 2019 year-on-year," the company said. "The size of the carding market, in turn, grew by 33% and amounted to USD 879.7 million. The sale of CVV data is also on rise today, having increased by 19% in the corresponding period, and one of the key reasons behind this trend could be JavaScript sniffers."

The number of web skimming attacks has been growing over the past two years, with security firms detecting new such breaches every hour. Since this activity is so lucrative for cybercriminals, new skimmers have entered the underground market and have become commoditized, so these attacks are unlikely to stop anytime soon.

Arrested group a small part of Magecart

To put things in perspective, the Indonesian group was only responsible for 1% of all Magecart incidents detected since 2017 by Sanguine. The company estimates that there are at least 40 to 50 sophisticated individuals involved in web skimming activity.

E-commerce site owners and companies running shopping carts on their websites should regularly scan their websites for infections and keep their content management software and plug-ins up to date. Administrative credentials should also be strong and well protected. Web application firewalls can be used to detect and block intrusion attempts, but there are also other technologies like Content Security Policy (CSP) and Subresource Integrity (SRI) that can be used to restrict loaded scripts and prevent potential infections from impacting customers.

This story, "Magecart-related arrests made in Indonesia" was originally published by CSO.