Stealing money in the digital age: The dark industry of trafficking financial data

Cybercriminal gangs dealing in credit card and other financial data have refined their tools and changed their ideology for more profitable attacks.

One day in May 2001, a group of Russian-speaking hackers met at a restaurant in Odessa and created the credit card forum CarderPlanet, which quickly became an infamous shop for cybercriminal tools and services. For the first time, anyone who wanted to be filthy rich had everything they needed, from credit card data to malware, to community support.

This forum, which democratized carding, was shut down in 2004, but its effects are still felt today. Eastern Europe continues to be a hotspot for financial cybercrimes, although the tools have changed.

Skimmers, who steal money from ATMs by placing hidden electronic devices, rarely make headlines. These days, more advanced techniques are in place. A few months ago, for instance, Kaspersky published its findings on Genesis, an online shop that traded 60,000 digital identities. This is data on user behavior and device specs that anti-fraud systems analyze when trying to see if the person entering their credentials on an online shop is indeed them.

Moreover, attacks against financial organizations originating in the region, such as those launched by the Carbanak group, have multiplied, and have increased in complexity.

The gap between today’s cybercriminals and those operating in the 2000s is colossal, security researcher Sergey Lozhkin tells me.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!