Authorities in Europe arrested 44 members of a global credit card fraud network in a joint operation that took down a criminal gang that targeted victims in 16 countries.
The operation, dubbed ‘Pandora-Storm‘, was conducted by the Romanian Cybercrime Unit in Romania in cooperation with Europol’s European Cybercrime Centre (EC3). As a result of the operation, two illegal workshops for producing devices and software to manipulate point-of-sale (POS) terminals were dismantled, and illegal electronic equipment, financial data, cloned cards and cash were seized during 82 house searches in Romania and the United Kingdom.
On March 28, arrests were carried out from the command centre set up in Bucharest by the Romanian Police.
According to Europol, the gang victimized roughly 36,000 bank and credit card holders. The gang stole people’s credit and debit card numbers and PIN codes by implanting card reading devices and malicious software on POS terminals. The crew then used counterfeit payment cards with stolen data in Argentina, Colombia, the Dominican Republic, Japan, Mexico, South Korea, Sri Lanka, Thailand and USA. The members of the group are also responsible for setting up a sophisticated criminal network for online fraud, authorities said.
POS malware is not new. Just recently, researchers at Group-IB told SecurityWeek about a malware campaign targeting POS systems and ATMs that has stolen payment card information from several U.S. banks. Called the ‘Dump Memory Grabber’, the malware scans the memory of point-of-sale systems and ATMs looking for credit card data. The researchers believe the malware has already been used to steal data from credit and debit cards issued by major US banks, including Chase, Capital One, Citibank, and Union Bank of California.
Additionally, a Boston-based liquor store warned customers this week that a “sophisticated malware attack” had compromised some customers’ credit and debit card information after its point-of-sale systems were infected with malware.
“This case is another example of excellent police work and flawless cooperation and a proof of the fact that EU law enforcement cooperation continues to improve,” Troels Oerting, Head of European Cybercrime Centre (EC3) at Europol, said in a statement regarding the recent arrests. “This is a good sign for the future when increased cybercrime will become a great challenge for the LE community.”