Authorities bust global credit card fraud network targeting POS terminals and ATMs in Europe

The criminal group rigged POS devices in European shopping centers with rogue card readers and malware, Europol said

A global credit card fraud network was shut down on Thursday as the result of an international police operation called "Pandora-Storm" that saw the participation of 20 law enforcement agencies from Europe, America and Australia, Europol announced,

The organized crime group stole credit and debit card details and PIN codes by manipulating point-of-sale (POS) terminals in big shopping centers across Europe using sophisticated methods, the European law enforcement agency said Thursday in a press release.

Members of the group used the stolen data to create counterfeit payment cards that were then used for illegal transactions outside of Europe, in countries like the U.S., Argentina, Colombia, the Dominican Republic, Japan, Mexico, South Korea, Sri Lanka and Thailand.

The credit card fraud network was primarily controlled from Romania and affected around 36,000 card holders from 16 European countries, according to Europol. In addition to physically manipulating POS terminals and rigging them with rogue credit card readers, the group also used malicious software developed for such systems and engaged in online fraud activities, the agency said.

Illegal electronic equipment, stolen financial data, cloned cards and cash were seized during house searches in Romania and the U.K., Europol said. Two illegal workshops for producing hardware and software designed for POS manipulation have been discovered and shut down, the agency said.

The investigation was run by the Romanian Cybercrime Unit and a specialized division of prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) with support from law enforcement agencies from other countries that collaborated through Europol.

Eighty-five house searches were conducted across multiple Romanian counties, DIICOT said Thursday in a press release. At the same time, property searches were also being conducted in the U.S., Germany, U.K., and the Dominican Republic, the agency said.

Seventy people have been detained in Romania and have been brought in for questioning at the DIICOT central headquarters. The agency has identified four individuals who are believed to be the leaders of several criminals groups that formed the credit card fraud network. Combined, these groups have over 100 members, DIICOT said.

The groups did not only target POS terminals, but also ATMs with the use of skimming devices, DIICOT said. The fraud losses are estimated at over €2 million (US$2.5 million).

Join the CSO newsletter!

Error: Please check your email address.

Tags Criminalsecurityphysical securitylegalmalwarecybercrimefraud

More about Europol

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place