Cybersecurity Weekly: Card details listed for sale, new phishing attack spotted, Sprint support leak

Infosec_Sam

Hackers list 30 million stolen payment card details for sale from the recent Wawa attack. Microsoft detects a new phishing attack that uses HTML attachments. Sprint exposed private customer conversations to the web. All this, and more, in this week’s edition of Cybersecurity Weekly.

1. Hackers list 30 million stolen payment card details for sale

Last December, Wawa convenience stores announced a breach that affected an unknown number of customers who shopped there in 2019. Hackers uploaded 30 million credit cards to Joker’s Stash, one of the largest dark web marketplaces for cybercriminals to buy and sell payment card data.
Read more »

2. Microsoft detects new TA505 malware attacks

Microsoft detected an ongoing TA505 phishing campaign delivering malicious Excel documents. This is the first time Microsoft has seen threat actors adopt an HTML attachment redirection technique. This attack looks like an HTML attachment that automatically downloads the infected Excel document.
Read more »

3. Sprint exposed private customer conversations to web

Shortly after Microsoft leaked internal customer support data to the Internet, Sprint exposed posts in a private customer support community to the internet. A configuration error allowed search engines to crawl through private sections of the community, some of which contained minimal customer data.
Read more »

For more cybersecurity news stories like these, check out the blog »

TechGromit

Infosec_Sam said:

1. Hackers list 30 million stolen payment card details for sale

Last December, Wawa convenience stores announced a breach that affected an unknown number of customers who shopped there in 2019. Hackers uploaded 30 million credit cards to Joker’s Stash, one of the largest dark web marketplaces for cybercriminals to buy and sell payment card data.

While this sounds bad, monetizing card card information really isn't that easy. Orders placed against credit cards shipping to address not the card owner, especially foreign address are quickly flagged for Fraud. Having experienced this first hand, even if the fraud is discovered after shipping an item, you can direct the shipper not to deliver, return to sender. I believe a stolen credit card is only worth around $9 on the dark web, pretty slim profit margins when you consider all the work involved to convert the card into cash or good that can be sold for cash. This is why hacked World of Warcraft accounts were far more valuable at one time, it was easy to convert all of a online characters assets to gold and send the gold over to another account where it could be sold on the open market. However identifiable information is far more valuable, around $25 per identify, opening account in someone else's name are harder to detect and take longer to shut down.

DZA_

TechGromit said:

Infosec_Sam said:

1. Hackers list 30 million stolen payment card details for sale

Last December, Wawa convenience stores announced a breach that affected an unknown number of customers who shopped there in 2019. Hackers uploaded 30 million credit cards to Joker’s Stash, one of the largest dark web marketplaces for cybercriminals to buy and sell payment card data.

While this sounds bad, monetizing card card information really isn't that easy. Orders placed against credit cards shipping to address not the card owner, especially foreign address are quickly flagged for Fraud. Having experienced this first hand, even if the fraud is discovered after shipping an item, you can direct the shipper not to deliver, return to sender. I believe a stolen credit card is only worth around $9 on the dark web, pretty slim profit margins when you consider all the work involved to convert the card into cash or good that can be sold for cash. This is why hacked World of Warcraft accounts were far more valuable at one time, it was easy to convert all of a online characters assets to gold and send the gold over to another account where it could be sold on the open market. However identifiable information is far more valuable, around $25 per identify, opening account in someone else's name are harder to detect and take longer to shut down.

For stolen credit cards, there are different tiers and cards from different banks also determine their value. Generally the highest is Chase bank with the credit card + CVV number which if I recall correctly is over $50 a pop. 

Neil86

TechGromit said:

Infosec_Sam said:

1. Hackers list 30 million stolen payment card details for sale

Last December, Wawa convenience stores announced a breach that affected an unknown number of customers who shopped there in 2019. Hackers uploaded 30 million credit cards to Joker’s Stash, one of the largest dark web marketplaces for cybercriminals to buy and sell payment card data.

While this sounds bad, monetizing card card information really isn't that easy. Orders placed against credit cards shipping to address not the card owner, especially foreign address are quickly flagged for Fraud. Having experienced this first hand, even if the fraud is discovered after shipping an item, you can direct the shipper not to deliver, return to sender. I believe a stolen credit card is only worth around $9 on the dark web, pretty slim profit margins when you consider all the work involved to convert the card into cash or good that can be sold for cash. This is why hacked World of Warcraft accounts were far more valuable at one time, it was easy to convert all of a online characters assets to gold and send the gold over to another account where it could be sold on the open market. However identifiable information is far more valuable, around $25 per identify, opening account in someone else's name are harder to detect and take longer to shut down.

Good info, thanks. I was part of this affected group apparently. My financial institution notified me promptly and we got that part resolved. I have since reevaluated my spending habits and card usage and made some changes to reduce risks.