Tag: credit-card
-
Cybercriminals Exploit CapCut Popularity to Steal Apple ID Credentials and Credit Card Data
Threat actors have capitalized on the immense popularity of CapCut, the leading short-form video editing app, to orchestrate a highly deceptive phishing campaign. According to the Cofense Phishing Defense Center (PDC), attackers are deploying meticulously crafted fake invoices that impersonate CapCut’s branding to lure users into surrendering their Apple ID credentials and credit card information.…
-
New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare
Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection. First seen on hackread.com Jump to article: hackread.com/wordpress-malware-checkout-pages-imitates-cloudflare/
-
Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards
A long-running malware campaign targeting WordPress via a rogue plugin has been observed skimming data, stealing credentials and user profiling First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rogue-wordpress-plugin-skim-credit/
-
$17 Million Black Market Empire Crushed in Cybercrime Sting
The U.S. government has seized approximately 145 domains associated with the BidenCash marketplace and other criminal marketplaces, effectively dismantling one of the most notorious darknet operations for trafficking stolen credit card data and personal information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/bidencash-marketplace-domains-seized/
-
BidenCash busted as Feds nuke stolen credit card bazaar
Dark web crime platform raked in $17M+ over three years of operation First seen on theregister.com Jump to article: www.theregister.com/2025/06/05/bidencash_busted/
-
What Links Hospital Outages, Crypto Botnets, and Sneaky Zip Files? A Ransomware Chaos
Listen to this article A massive nonprofit hospital network in Ohio, 14 medical centers strong, brought to its knees by cybercriminals”, likely the gang behind the Interlock ransomware. Elective surgeries were canceled. Outpatient appointments paused. And to make it worse? Scammers posing as hospital staff started calling patients asking for their credit card numbers. “Your…
-
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash.”The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information,” the DoJ…
-
Feds seize 145 domains associated with BidenCash cybercrime platform
The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said. First seen on cyberscoop.com Jump to article: cyberscoop.com/bidencash-marketplace-domains-seized/
-
BidenCash carding market domains seized in international operation
Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bidencash-carding-market-domains-seized-in-international-operation/
-
New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence Threat Intelligence team. Unlike conventional card skimmers that overlay fake forms on checkout pages, this malware seamlessly integrates into the legitimate payment workflow of WooCommerce sites, mimicking their design and functionality…
-
FBI, Microsoft, international cops bust Lumma infostealer service
Credit card theft losses in 2023 alone totaled $36.5M First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/lumma_infostealer_service_busted/
-
Microsoft leads international takedown of Lumma Stealer
The Lumma infostealer malware is a popular way for hackers to steal passwords, credit cards and cryptocurrency wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-takedown-lumma-stealer/748727/
-
Two years’ jail for down-on-his-luck man who sold ransomware online
A man has been jailed in Ireland for two years after pleading guilty to offences related to his illegal online business that sold ransomware and other malware, as well as stolen credit card details, and false bank accounts. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/two-years-jail-for-down-on-his-luck-man-who-sold-ransomware-online
-
Betrug bei ADAC-Kreditkarten: Datenabfluss bei Solaris Bank?
Kurze Information zu einem Problem, auf das mich ein Blog-Leser hinwies. Einem Nutzer sind über eine ADAC-Kreditkarte (inzwischen von der Solaris-Bank geführt) unberechtigt Beträge von Zalando abgebucht worden. Der Vorgang legt den Verdacht nahe, dass jemand genau die Limits des … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/10/datenabfluss-bei-adac-solaris-bank/
-
Opening Up Open Banking: The CFPB’s Personal Financial Data Rights Rule
Tags: access, automation, banking, compliance, container, control, credit-card, data, finance, identity, monitoring, privacy, regulation, service, software, switch, toolOpening Up Open Banking: The CFPB’s Personal Financial Data Rights Rule andrew.gertz@t“¦ Tue, 05/06/2025 – 18:23 Explore the impact of the CFPB’s new Personal Financial Data Rights rule and how it aims to empower consumers, drive competition, and reshape open banking in the U.S. Ammar Faheem – Director Product Marketing (CIAM) More About This Author…
-
Darcula PhaaS: 884,000 Credit Card Details Stolen from 13 Million Global User Clicks
The Darcula group has orchestrated a massive phishing-as-a-service (PhaaS) operation, dubbed Magic Cat, compromising an estimated 884,000 credit card details from over 13 million user interactions worldwide. This smishing (SMS phishing) campaign, first detected in December 2023, impersonates trusted brands like the Norwegian Postal Service to lure victims into divulging sensitive information. Sophisticated Phishing-as-a-Service Operation…
-
Darcula PhaaS steals 884,000 credit cards via phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/darcula-phaas-steals-884-000-credit-cards-via-phishing-texts/
-
Darcula PhaaS steals 884,000 credit cards via SMS phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/darcula-phaas-steals-884-000-credit-cards-via-sms-phishing-texts/
-
Subscription-Based Scams Targeting Users to Steal Credit Card Information
Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an unprecedented level of sophistication and scale. These fraudulent operations, involving over 200 meticulously crafted websites, are designed to deceive users into divulging sensitive credit card information through recurring payment schemes. Unlike traditional phishing attempts with obvious red flags, these scams…
-
Phishing Emails Impersonating Qantas Target Credit Card Info
Fake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major… First seen on hackread.com Jump to article: hackread.com/phishing-emails-impersonate-qantas-credit-card-info/
-
Mystery Box Scams Deployed to Steal Credit Card Data
Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mystery-box-scams-credit-card-data/
-
New Gremlin Stealer Advertised on Hacker Forums Targets Credit Card Data and Login Credentials
A formidable new information-stealing malware dubbed Gremlin Stealer has surfaced in the cybercrime underground, actively promoted since mid-March 2025 on platforms like the Telegram channel CoderSharp. Discovered by Unit 42 researchers at Palo Alto Networks, this malware, crafted in C#, poses a significant risk to individuals and organizations by targeting a wide array of sensitive…
-
Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware
A multi-stage carding attack has been uncovered targeting a Magento eCommerce website running an outdated version 1.9.2.4. This version, unsupported by Adobe since June 2020, left the site vulnerable due to unpatched security flaws. The malware employed a deceptive .gif file, tampered browser sessionStorage data, and a malicious reverse proxy server to steal credit card…
-
Was ist Quishing?
Quishing ist eine Kombination der Begriffe ‘QR-Code” und ‘Phishing”. Betrüger nutzen dabei QR-Codes, um Nutzer auf gefälschte Websites umzuleiten, wo sie persönliche Daten wie Login-Informationen, Kreditkarten- oder Bankdaten stehlen. Besonders heimtückisch: QR-Codes sind für das menschliche Auge nicht lesbar, daher erkennen viele Nutzer die Gefahr erst zu spät. Ein konkretes Beispiel: An einem Parkautomaten wird…
-
U.S. Secret Service Reveals Ways to Identify Credit Card Skimmers
With credit card skimming crimes escalating nationwide, the U.S. Secret Service’s Washington Field Office is sharing essential tips for the public to protect themselves from this growing threat, shared by Officials in LinkedIn post. According to the agency, credit card skimming involves criminals installing illicit devices to steal card information, has become a “low-risk, high-reward”…
-
Lesson from huge Blue Shield California data breach: Read the manual
read the documentation of any third party service you sign up for, to understand the security and privacy controls;know what data is being collected from your organization, and what you don’t want shared.”It’s important to understand these giant platforms make it easy for you to share your data across their various services,” he said. “So…
-
NFC-Powered Android Malware Enables Instant Cash-Outs
Researchers at security vendor Cleafy detailed a malware known as SuperCard X that uses the NFC reader on a victim’s own phone to steal credit card funds instantly. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/nfc-android-malware-instant-cash-outs
-
Over 900K pilfered credit card records leaked by BidenCash
First seen on scworld.com Jump to article: www.scworld.com/brief/over-900k-pilfered-credit-card-records-leaked-by-bidencash
-
Smashing Security podcast #413: Hacking the hackers… with a credit card?
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-413/
-
BidenCash Market Dumps 1 Million Stolen Credit Cards on Russian Forum
BidenCash dumps almost a million stolen credit card records on Russian forum, exposing card numbers, CVVs, and expiry dates in plain text with no cardholder names. First seen on hackread.com Jump to article: hackread.com/bidencash-market-leak-credit-cards-russian-forum/