Romanian Hackers Indicted for Infiltrating 200 Business Outlets
US authorities have indicted four Romanians going the by the names xjuniior, dobitoc212, r_florinus and iulyvip respectively over charges they hacked into computers of over 200 American businesses, particularly aiming at checkout and POS (point-of-sale) systems for filching payment card data, published softpedia.com in news on December 9, 2011.
Over 150 subway eateries across the USA were the chief attack points though 50 other retailers too were targeted, the indictment revealed.
Moreover, the statistics disclosed in the indictment suggest over 80,000 customers who had been affected due to the hack, which spanned 3-yrs (2008-May 2011), during when, the hackers' gang netted millions via the stolen information on credit cards.
The method of operation the cyber-criminals adopted was also pretty distinct, the indictment stated. Essentially, it began with an 'online scan' for spotting attack-prone POS systems through the 'installation' of desktop software, both from the remote. Thereafter, the point-of-sale computers were logged into via passwords guessed or passwords cracked. This was followed with keystroke loggers dropped on those systems for intercepting as also saving data, including payment card details, which the PC operators typed in, alternatively was swiped via traders' point-of-sale computers.
Subsequently, the criminals loaded one backdoor Trojan onto the POS machines for giving them easy admission into the hijacked POS computers, whenever they wanted, for loading alternatively re-loading more hacker programs. All of the four suspects are charged with pulling down a specific hacker program "xp.exe" again and again and from a website called "kitsite.info" onto the attacked POS systems for bypassing detection. Eventually, the entire stolen information was transmitted to remote servers located either at USA or Europe for the benefit of the criminals.
Consequently, the four defendants get imprisonment for up to 5-yrs over every count of conniving towards carrying out PC-related fraud, 30-yrs over every count of conniving towards carrying out wire-fraud, as well as 5-yrs over every count of conniving towards carrying out fraud on access device. In addition they must pay financial penalties amounting double that of fraud loss as well as compensation, court stated in its indictment. Pcworld.com reported this dated December 9, 2011.
Related article: Romanian Hacker Haunting ebay
» SPAMfighter News - 20-12-2011