Authorities bust global credit card fraud network targeting POS terminals and ATMs in Europe

The criminal group rigged POS devices in European shopping centers with rogue card readers and malware, Europol said

A global credit card fraud network was shut down on Thursday as the result of an international police operation called "Pandora-Storm" that saw the participation of 20 law enforcement agencies from Europe, America and Australia, Europol announced,

The organized crime group stole credit and debit card details and PIN codes by manipulating point-of-sale (POS) terminals in big shopping centers across Europe using sophisticated methods, the European law enforcement agency said Thursday in a press release.

Members of the group used the stolen data to create counterfeit payment cards that were then used for illegal transactions outside of Europe, in countries like the U.S., Argentina, Colombia, the Dominican Republic, Japan, Mexico, South Korea, Sri Lanka and Thailand.

The credit card fraud network was primarily controlled from Romania and affected around 36,000 card holders from 16 European countries, according to Europol. In addition to physically manipulating POS terminals and rigging them with rogue credit card readers, the group also used malicious software developed for such systems and engaged in online fraud activities, the agency said.

Illegal electronic equipment, stolen financial data, cloned cards and cash were seized during house searches in Romania and the U.K., Europol said. Two illegal workshops for producing hardware and software designed for POS manipulation have been discovered and shut down, the agency said.

The investigation was run by the Romanian Cybercrime Unit and a specialized division of prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) with support from law enforcement agencies from other countries that collaborated through Europol.

Eighty-five house searches were conducted across multiple Romanian counties, DIICOT said Thursday in a press release. At the same time, property searches were also being conducted in the U.S., Germany, U.K., and the Dominican Republic, the agency said.

Seventy people have been detained in Romania and have been brought in for questioning at the DIICOT central headquarters. The agency has identified four individuals who are believed to be the leaders of several criminals groups that formed the credit card fraud network. Combined, these groups have over 100 members, DIICOT said.

The groups did not only target POS terminals, but also ATMs with the use of skimming devices, DIICOT said. The fraud losses are estimated at over €2 million (US$2.5 million).

Tags Criminalphysical securitysecuritylegalfraudcybercrimemalware

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

SECURE Web Gateway

Balancing the requirement for strong network security with the need to harness collaborative web technologies is essential for business growth.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.