QIWI: PIN OK attack

PIN OK attack is an attack when a wedge-device created for MiTM is used to substitute the response from the card during an offline-PIN check and say that PIN was correct. Reproduction steps: An attacker with a stolen card without the correct PIN knowledge can use either a so-called wedge device f...

Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researche...

Goodfellas, the Brazilian carding scene is after you

There are three ways of doing things in the malware business: the right way, the wrong way and the way Brazilians do it. From the early beginnings, using skimmers on ATMs, compromising point of sales systems, or even modifying the hardware of processing devices, Latin America has been a fertile...

IC3 Releases Alert on Microchip-Enabled Credit Cards

The Internet Crime Complaint Center IC3 has issued an alert to consumers and merchants about the security risks involved with EMV Cards. An EMV card is a credit or debit card with a microchip that helps protect cardholder data. However, EMV cards may still be vulnerable to exploitation. US-CERT...