Tag: credit-card
-
After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake
Security researchers are now sounding the alarm on a new SMS text message fraud operation, which is surging in popularity, and its ability to steal people’s credit cards, since the demise of its predecessor. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/10/after-researchers-unmasked-a-prolific-sms-scammer-a-new-operation-has-emerged-in-its-wake/
-
Air France, KLM Alert Authorities of Data Breach
While no sensitive financial data like credit card information was compromised, the threat actors were able to get away with names, email addresses, phone numbers, and more. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/air-france-klm-data-breach
-
PXA Stealer Distributed via Telegram Harvests 200K Passwords and Credit Card Data
SentinelLABS and Beazley Security have uncovered a sophisticated infostealer campaign deploying the Python-based PXA Stealer, which has rapidly evolved since late 2024 to incorporate advanced anti-analysis techniques, decoy content, and hardened command-and-control (C2) infrastructure. This operation, linked to Vietnamese-speaking cybercriminal networks, leverages Telegram’s API for automated data exfiltration and monetization, feeding into underground marketplaces like…
-
Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies
PXA Stealer pilfers data from nearly 40 browsers, including Chrome First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/pxa_stealer_4000_victims/
-
Unberechtigte Abbuchungen bei HypoVereinsbank-Kreditkarte: Datenabfluss?
Tags: credit-cardIch stelle mal ein Thema hier im Blog ein, was mir aus zwei Quellen zugegangen ist. Leser haben mir darüber informiert, dass plötzlich Kreditkarten Commerzbank und HypoVereinsbank unberechtigt belastet wurden und vermuten Datenlecks. Meine Vermutung auf Skimming in Online-Shops oder … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/27/unberechtigte-abbuchungen-bei-hypovereinsbank-kreditkarte-datenabfluss/
-
Dark Web Hackers Moonlight as Travel Agents
Hackers are using stolen goods such as credit cards and loyalty points to book travel for sometimes unsuspecting clients, and remote workers, SMBs, travel brands, and others are at risk. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/dark-web-hackers-moonlight-travel-agents
-
Malicious LNK File Posing as Credit Card Security Email Steals User Data
Tags: authentication, credit-card, cyber, data, email, exploit, finance, malicious, powershell, threatThreat actors have deployed a malicious LNK file masquerading as a credit card company’s security email authentication pop-up to pilfer sensitive user information. The file, named >>card_detail_20250610.html.lnk,
-
Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data
Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, and faked identities to provide drastically reduced travel services. According to recent analysis by SpiderLabs, these operations exploit popular booking aggregators rather than targeting specific hotel chains or airlines, adapting…
-
How defenders use the dark web
Tags: access, antivirus, attack, breach, corporate, credit-card, crypto, cyber, cybercrime, dark-web, data, data-breach, email, extortion, finance, fraud, government, group, hacker, healthcare, identity, incident, insurance, intelligence, Internet, interpol, law, leak, lockbit, mail, malware, monitoring, network, phishing, ransom, ransomware, service, software, theft, threat, tool, usa, vpnAttributing attacks to threat actors: When organizations suffer from data breaches and cyber incidents, the dark web becomes a crucial tool for defenders, including the impacted businesses, their legal teams, and negotiators.Threat actors such as ransomware groups often attack organizations to encrypt and steal their data so they can extort them for money, in exchange…
-
New Phishing Attack Impersonates DWP to Steal Credit Card Information from Users
A sophisticated phishing campaign targeting UK residents has been active since late May 2025, with a significant surge in activity during the second half of June. This malicious operation impersonates the Department for Work and Pensions (DWP), a key UK government body responsible for welfare and pension services, by sending fraudulent SMS messages to unsuspecting…
-
Cyberattacks are draining millions from the hospitality industry
Every day, millions of travelers share sensitive information like passports, credit card numbers, and personal details with hotels, restaurants, and travel services. This puts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/03/hospitality-industry-cybersecurity-challenges/
-
Qantas Airlines Breached, Impacting 6M Customers
Tags: credit-cardPassengers’ personal information was likely accessed via a third-party platform used at a call center, but didn’t include passport or credit card info. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/qantas-airlines-breached-6m-customers
-
China-linked hackers spoof big-name brand websites to steal shoppers’ payment info
The campaign uses thousands of phishing websites that mimic the design and product listings of retailers like Apple, Nordstrom and Hermes to trick people into entering their credit card information. First seen on therecord.media Jump to article: therecord.media/china-linked-hackers-website-phishing
-
Cyberangriff auf australische Fluggesellschaft Qantas
Die australische Fluggesellschaft Qantas ist Opfer einer Cyberattacke.Die australische Fluggesellschaft Qantas ist Opfer eines Cyberangriffs geworden. Hacker hätten sich Zugang zu wichtigen Daten von bis zu sechs Millionen Kundinnen und Kunden verschafft, darunter Namen, E-Mail-Adressen, Telefonnummern, Geburtsdaten und Vielfliegernummern, teilte die Airline mit. Betroffen war demnach eine Plattform eines Drittanbieters. Qantas erklärte, dass in dem…
-
Apple ID, credit card details targeted by CapCut phishing
First seen on scworld.com Jump to article: www.scworld.com/brief/apple-id-credit-card-details-targeted-by-capcut-phishing
-
Cybercriminals Exploit CapCut Popularity to Steal Apple ID Credentials and Credit Card Data
Threat actors have capitalized on the immense popularity of CapCut, the leading short-form video editing app, to orchestrate a highly deceptive phishing campaign. According to the Cofense Phishing Defense Center (PDC), attackers are deploying meticulously crafted fake invoices that impersonate CapCut’s branding to lure users into surrendering their Apple ID credentials and credit card information.…
-
New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare
Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection. First seen on hackread.com Jump to article: hackread.com/wordpress-malware-checkout-pages-imitates-cloudflare/
-
Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards
A long-running malware campaign targeting WordPress via a rogue plugin has been observed skimming data, stealing credentials and user profiling First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rogue-wordpress-plugin-skim-credit/
-
$17 Million Black Market Empire Crushed in Cybercrime Sting
The U.S. government has seized approximately 145 domains associated with the BidenCash marketplace and other criminal marketplaces, effectively dismantling one of the most notorious darknet operations for trafficking stolen credit card data and personal information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/bidencash-marketplace-domains-seized/
-
BidenCash busted as Feds nuke stolen credit card bazaar
Dark web crime platform raked in $17M+ over three years of operation First seen on theregister.com Jump to article: www.theregister.com/2025/06/05/bidencash_busted/
-
What Links Hospital Outages, Crypto Botnets, and Sneaky Zip Files? A Ransomware Chaos
Listen to this article A massive nonprofit hospital network in Ohio, 14 medical centers strong, brought to its knees by cybercriminals”, likely the gang behind the Interlock ransomware. Elective surgeries were canceled. Outpatient appointments paused. And to make it worse? Scammers posing as hospital staff started calling patients asking for their credit card numbers. “Your…
-
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash.”The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information,” the DoJ…
-
Feds seize 145 domains associated with BidenCash cybercrime platform
The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said. First seen on cyberscoop.com Jump to article: cyberscoop.com/bidencash-marketplace-domains-seized/
-
BidenCash carding market domains seized in international operation
Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bidencash-carding-market-domains-seized-in-international-operation/
-
New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence Threat Intelligence team. Unlike conventional card skimmers that overlay fake forms on checkout pages, this malware seamlessly integrates into the legitimate payment workflow of WooCommerce sites, mimicking their design and functionality…
-
FBI, Microsoft, international cops bust Lumma infostealer service
Credit card theft losses in 2023 alone totaled $36.5M First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/lumma_infostealer_service_busted/
-
Microsoft leads international takedown of Lumma Stealer
The Lumma infostealer malware is a popular way for hackers to steal passwords, credit cards and cryptocurrency wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-takedown-lumma-stealer/748727/
-
Two years’ jail for down-on-his-luck man who sold ransomware online
A man has been jailed in Ireland for two years after pleading guilty to offences related to his illegal online business that sold ransomware and other malware, as well as stolen credit card details, and false bank accounts. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/two-years-jail-for-down-on-his-luck-man-who-sold-ransomware-online
-
Betrug bei ADAC-Kreditkarten: Datenabfluss bei Solaris Bank?
Kurze Information zu einem Problem, auf das mich ein Blog-Leser hinwies. Einem Nutzer sind über eine ADAC-Kreditkarte (inzwischen von der Solaris-Bank geführt) unberechtigt Beträge von Zalando abgebucht worden. Der Vorgang legt den Verdacht nahe, dass jemand genau die Limits des … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/10/datenabfluss-bei-adac-solaris-bank/