A group of hackers recently published detailed information from an underground credit card company. On July 23, an anonymous group claimed to have compromised a server of an online credit card processor company. At that time, however, the extent of the compromise was unclear. Looking at the data that was published leads us to believe that the compromise is very plausible.
The leaked data includes employee emails as well as recorded phone calls. A particular recorded conversation discussed the various ways of defrauding major credit card companies. Another conversation discussed Fethard, a payment service that allows anonymous payments to be made and that is often associated with money laundering and other cybercriminal activities.
Furthermore, it is assumed that one of the people behind the credit card processor company is also one of Fethard’s owners. He has likewise been associated with a spam forum called crutop.nu. In 2007, a large sum of money disappeared from Fethard’s funds. This has undoubtedly created problems for Fethard and has possibly pulled the mother company deeper into the cybercrime business.
The compromised credit card company that functions as Fethard’s mother company is infamous for processing payments for FAKEAV, pharmaceuticals on spam sites, extreme pornography, and cheap MP3s. Its official headquarters is in Amsterdam in the Netherlands. However, it only has a handful of Dutch employees and the actual work is done in Russia and Latvia. The company has legitimate customers in Russia as well.
This hacking incident would probably make a lot of cybercriminals nervous. Unfortunately, the incident also puts the personal data of legitimate customers and of many ordinary Russians at risk.
Special thanks to all threat researchers for additional information in this post.