Helps you bypass the iPhone passcode in case you forgot it and the device became unusable or you have to wait for a long time before attempting to unlock it againFULL VERSION + CRACK
With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of movesFULL VERSION + CRACK
Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effectsFULL VERSION + CRACK
Take advantage of stunning sound quality and realism in your multimedia experiences, with sound that surrounds you with the help of this app that gives you a free trial of Dolby Atmos.FULL VERSION + CRACK
A fully-featured recoding studio that provides a complete set of tools for musicians who need to write, record, edit and mix musicFULL VERSION + CRACK
Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger multi-national law enforcement investigation that continues in other countries from the Southeast Asia region.
The three suspects, aged 23, 27, and 35, are accused of using the payment card details they stole to purchase electronic and luxury items and then selling them for a profit. They are facing prison sentences of up to 10 years.
The most notorious of these web skimmers is called Magecart and has been used in a large number of attacks over the past few years, including against very high-profile brands. Magecart is used by over a dozen groups of hackers whose campaigns range from basic to very sophisticated and from widespread to highly targeted. In some of the more stealthy attacks the code is customized to work only with the victim's website.
Russian cybersecurity firm Group-IB, who worked with INTERPOL and the Indonesian Police on this investigation, tracks the sniffer used as GetBilling, but according to another company called Sanguine Security, it is part of the Magecart family.
"Sanguine Security has been tracking the activity of this group for several years and has identified not 12 but 571 hacks by the same individuals," the company said in a blog post following the arrests announcement. "These hacks could be attributed because of an odd message that was left in all of the skimming code: 'Success gan !' [which] translates to 'Success bro' in Indonesian and has been present for years on all of their skimming infrastructure."
The three suspects were actually apprehended in December, but their arrest was not initially made public. That might be because of the larger law-enforcement effort dubbed Operation Night Fury that's underway and is looking at additional attacks in the region.
In fact, according to Sanguine, new attacks with the same code have been observed since December and at least 27 online stores are currently infected. This means other members of the group could still be at large.
Group-IB, which has been tracking GetBilling attacks since 2018, has identified almost 200 infected websites in Indonesia, Australia, Europe, the United States, South America and other regions. In addition to physical goods, the group was also using stolen credit cards to pay for hosting services and new domains that they used in their attacks. Some of that infrastructure was hosted in Indonesia, but they always used VPN services to interact with it.
The number of web skimming attacks has been growing over the past two years, with security firms detecting new such breaches every hour. Since this activity is so lucrative for cybercriminals, new skimmers have entered the underground market and have become commoditized, so these attacks are unlikely to stop anytime soon.
To put things in perspective, the Indonesian group was only responsible for 1% of all Magecart incidents detected since 2017 by Sanguine. The company estimates that there are at least 40 to 50 sophisticated individuals involved in web skimming activity.
E-commerce site owners and companies running shopping carts on their websites should regularly scan their websites for infections and keep their content management software and plug-ins up to date. Administrative credentials should also be strong and well protected. Web application firewalls can be used to detect and block intrusion attempts, but there are also other technologies like Content Security Policy (CSP) and Subresource Integrity (SRI) that can be used to restrict loaded scripts and prevent potential infections from impacting customers.
This story, "Magecart-related arrests made in Indonesia" was originally published by CSO.