Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Card Fraud Platform Mimics Human Behavior to Avoid Detection

Cybercriminals have developed a piece of software that’s designed to help payment card fraudsters automate unauthorized charges to ensure that they make a profit before their activities are picked up by fraud detection systems.

Cybercriminals have developed a piece of software that’s designed to help payment card fraudsters automate unauthorized charges to ensure that they make a profit before their activities are picked up by fraud detection systems.

Payment card fraudsters are always looking for ways to improve their operations and the new platform provided by an organized crime group called “Voxis Team,” which surfaced on the black market in August, might be exactly what they need.

According to researchers from threat intelligence firm IntelCrawler, who have been monitoring Voxis Team, the new automated tool can be used to send batches of fraudulent payment card charges to multiple gateway processors.

A payment gateway is a service that’s used to authorize credit card payments for online stores and facilitates the transfer of information between the website and the bank.

CybercrimeWhen they get their hands on stolen payment card data, cybercriminals open merchant accounts with a payment gateway, for which they use money mules and stolen identities. They also set up fake websites to get the payment gateways to approve their accounts. Once they obtain a merchant account, they must quickly make transactions with the stolen cards before they’re detected by anti-fraud systems.

The Voxis Platform helps increase the chances of having the fraudulent charges authorized by emulating human behavior and buying patterns.

“Taking advantage of fraudulently obtained merchant accounts, bad actors can use speed to automate and load cards to be charged for pre determined amounts at predetermined times, all with the goal of sliding under fraud detection systems,” IntelCrawler said in a blog post.

The authors of the Voxis Platform claim their solution can use a total of 32 payment gateways, including Coinbase, MultiSafepay, PayPal, WorldPay, and Stripe.

“The list of fully supported payment gateways includes some famous payment processing companies, which if exploited, may incur compliance issues, AML regulations issues, and chargeback concerns for the merchants and their respective acquiring banks,” IntelCrawler noted.

Advertisement. Scroll to continue reading.

One interesting feature of the platform is called “Autofill Missing Info.” The feature uses the API from the people search engine Pipl.com to automatically fill in cardholder information that might be missing.

Tens of millions of credit and debit cards have been stolen recently and experts say this has created a demand on the underground market for methods that can be used to monetize the data quickly. Researchers have noticed that cybercrime groups pool their programming resources to create tools.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.