fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Russia Arrests Third Hacking Group, Reportedly Seizes Carding Forums

Russia Arrests Third Hacking Group, Reportedly Seizes Carding Forums

Russia arrested six people today, allegedly part of a hacking group involved in the theft and selling of stolen credit cards.

Russian media reports that the arrests come at the request of investigators from the Ministry of Internal Affairs of the Russian Federation.

“The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against six people suspected of committing a crime under part 2 of article 187 of the Criminal Code of the Russian Federation (“Illegal circulation of means of payment”),” said press court clerk Ksenia Rozina in a statement to TASS Russian News Agency.

Also Read: Tools for penetration testing to choose from

Article 187 of the “The Criminal Code Of The Russian Federation” relates to “The making of counterfeit credit or debit cards, and also of other payment documents, which are not securities, with the purpose of their utterance or their sale”.

Russian law enforcement has not specified what hacking groups the arrested individuals were allegedly affiliated with. 

However, in possibly related news, three carding forums/marketplaces devoted to the theft and selling of stolen credit cards suddenly displayed seizure notices today claiming to be from the Russian government.

BleepingComputer has confirmed that the websites for SkyFraud, Ferum, Trump’s Dumps, and U-A-S Shop now show notices saying the sites were seized by Management “K” of the BSTM of the Ministry of Internal Affairs of Russia.

SkyFraud seizure message by Russian law enforcement
SkyFraud seizure message by Russian law enforcement
Source: BleepingComputer

The seizure message translated by Google Translate reads in English as:

THIS RESOURCE IS BLOCKED

The SKYFRAUD resource was closed forever during a special law enforcement operation.

Management “K” of the BSTM of the Ministry of Internal Affairs of Russia warns: theft of funds from bank cards is illegal!

Art. 187 of the Criminal Code of the Russian Federation: Production, acquisition, storage, transportation for the purpose of use or sale, as well as the sale of counterfeit payment cards, money transfer orders, documents or means of payment, as well as electronic means, electronic media, technical devices, computer programs, intended for illegal acceptance, issuance, transfer of funds.

Punishable by imprisonment for up to seven years.

While these seizure notices cite the same Russian Criminal Code offense as today’s arrests of the six individuals, it has not been confirmed if the notices are legitimate or even related.

Also Read: What it means to get a Data Protection Trustmark Certification

Security researcher Soufiane Tahiri also discovered that the source code for the sky-fraud.ru seizure notice includes a hidden message for other Russian hackers, saying “КТО ИЗ ВАС СЛЕДУЮЩИЙ?”

Translated into English, this warning says, “WHICH OF YOU IS NEXT?”

Hidden warning message left by Russian law enforcement
Hidden warning message left by Russian law enforcement
Source: BleepingComputer

These arrests mark the third hacking group arrested by Russian authorities since the beginning of 2022.

In January, Russia seized $6 million and arrested fourteen individuals associated with REvil, a notorious ransomware operation responsible for numerous cyberattacks worldwide.

At the end of the month, Russia also arrested the leader of the Infraud Organization, a hacking group that caused more than $560 million in losses to businesses worldwide.

This stream of arrests by Russia is unusual as the country does not have a history of cooperating in the crackdown on cybercrime operating within its borders.

However, after DarkSide’s ransomware attack on Colonial Pipeline and REvil’s attack on Kaseya, the White House and Russian representatives have been working to increase cooperation to stem the rising tide of hacking activities originating from Russia.

H/T Dmitry Smilyanets

Update 2/7/22: Added Trump’s Dumps to the list of stolen credit card forums/marketplaces seized today. While likely related, we updated the story to indicate that the seizure messages have not been confirmed by Russian law enforcement.

Update 2/8/22: Added U-A-S Shop to list of seized carding sites.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us