Authorities bust global credit card fraud network targeting POS terminals and ATMs in Europe

The criminal group rigged POS devices in European shopping centers with rogue card readers and malware, Europol said

A global credit card fraud network was shut down on Thursday as the result of an international police operation called "Pandora-Storm" that saw the participation of 20 law enforcement agencies from Europe, America and Australia, Europol announced,

The organized crime group stole credit and debit card details and PIN codes by manipulating point-of-sale (POS) terminals in big shopping centers across Europe using sophisticated methods, the European law enforcement agency said Thursday in a press release.

Members of the group used the stolen data to create counterfeit payment cards that were then used for illegal transactions outside of Europe, in countries like the U.S., Argentina, Colombia, the Dominican Republic, Japan, Mexico, South Korea, Sri Lanka and Thailand.

The credit card fraud network was primarily controlled from Romania and affected around 36,000 card holders from 16 European countries, according to Europol. In addition to physically manipulating POS terminals and rigging them with rogue credit card readers, the group also used malicious software developed for such systems and engaged in online fraud activities, the agency said.

Illegal electronic equipment, stolen financial data, cloned cards and cash were seized during house searches in Romania and the U.K., Europol said. Two illegal workshops for producing hardware and software designed for POS manipulation have been discovered and shut down, the agency said.

The investigation was run by the Romanian Cybercrime Unit and a specialized division of prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) with support from law enforcement agencies from other countries that collaborated through Europol.

Eighty-five house searches were conducted across multiple Romanian counties, DIICOT said Thursday in a press release. At the same time, property searches were also being conducted in the U.S., Germany, U.K., and the Dominican Republic, the agency said.

Seventy people have been detained in Romania and have been brought in for questioning at the DIICOT central headquarters. The agency has identified four individuals who are believed to be the leaders of several criminals groups that formed the credit card fraud network. Combined, these groups have over 100 members, DIICOT said.

The groups did not only target POS terminals, but also ATMs with the use of skimming devices, DIICOT said. The fraud losses are estimated at over €2 million (US$2.5 million).

Tags: Criminal, physical security, security, legal, fraud, cybercrime, malware

JP Morgan to invest £150 million on boosting cyber security

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

AVG Internet Security 2011 Business Edition

Ultimate protection for your small or medium-sized business

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.