Cybercriminals are targeting Amazon, PayPal, Roblox, and Steam users with malware that steals payment data.
Security analysts discovered that the most popular hacking groups on Telegram have been focusing on the PayPal and Amazon platforms. The hackers are believed to be focusing their efforts on obtaining payment data from users of the services, and some of those accounts may include personal information such as passwords, card numbers, and social security numbers.
If your account has a balance, hackers are after it. The cyberspies in this PayPal phishing scam use an info stealer to get account data and passwords, then send information to the malicious code hidden in a message.
A recent study has revealed a new threat tactic used by cybercriminals aiming to steal money from online stores. The crooks are using a technique called data harvesting – otherwise known as data mining, data harvesting, or even password guessing.
Analysis shows that crooks are always trying to figure out how they can use your stolen data and steal more money from you. While several groups just engage a single stealer at once, others use two or three at the same time. The bad thing is that each of these stealing groups has access to unique knowledge about their counterparts and other hacking gangs (including us). Therefore, no matter what your chosen payment method is, you need to be careful about whom you share information with and when.
The most alarming thing about these attacks is the fact that they take advantage of the untapped open internet. In other words, it's not limited to a specific area of the world or any specific device type. It's simply accessible to anyone and anything. The criminals behind such attacks can infect all sorts of devices including laptops, smartphones, Wi-Fi routers, and gaming consoles as well. 538,00 systems were compromised by these crooks between March and December 2021.
The U.S., Indian, Germany, and Indonesian were the countries that had the most attacks.
Despite the massive increase in the number of infected credit cards and payment data, crooks did not manage to collect more than $5.8 million worth of information. These criminals most likely used stolen credentials belonging to companies that were selling their source codes as a service on platforms such as Roblox and Amazon. However, users should remain calm: despite the high number of stolen user credentials, they are unlikely ever to have been successfully blacklisted or removed from these systems by vendors.
Over the first half of 2022, researchers have observed an intense interest in both Amazon and PayPal credentials. At the same time, they’ve seen an increase in gaming services—such as Roblox, Steam, Epic Games, and PlayStation Store—that cybercriminals are targeting.
Group-IB has found that crooks are targeting users of Amazon, Roblox, and Paypal with phishing emails designed to steal their payment data. The popularity of schemes involving stealers can be explained by the low entry barrier. Because the procedure is entirely automated and the worker's sole responsibility is to generate a file with a phisher under a Telegram bot and direct traffic to it, beginners do not need to possess sophisticated technological knowledge. But the results can be severe for victims whose machines are compromised by a stealer.
Your private payment information is what the thieves want. The official recommendation is to refrain from installing software from shady websites and to routinely delete your cookies. Additionally, it is advised to avoid storing credentials on sites.
Read next: A Phishing Gang Known As Ducktail Is Using LinkedIn and WhatsApp To Hijack Business Accounts on Facebook
Security analysts discovered that the most popular hacking groups on Telegram have been focusing on the PayPal and Amazon platforms. The hackers are believed to be focusing their efforts on obtaining payment data from users of the services, and some of those accounts may include personal information such as passwords, card numbers, and social security numbers.
If your account has a balance, hackers are after it. The cyberspies in this PayPal phishing scam use an info stealer to get account data and passwords, then send information to the malicious code hidden in a message.
A recent study has revealed a new threat tactic used by cybercriminals aiming to steal money from online stores. The crooks are using a technique called data harvesting – otherwise known as data mining, data harvesting, or even password guessing.
Analysis shows that crooks are always trying to figure out how they can use your stolen data and steal more money from you. While several groups just engage a single stealer at once, others use two or three at the same time. The bad thing is that each of these stealing groups has access to unique knowledge about their counterparts and other hacking gangs (including us). Therefore, no matter what your chosen payment method is, you need to be careful about whom you share information with and when.
The most alarming thing about these attacks is the fact that they take advantage of the untapped open internet. In other words, it's not limited to a specific area of the world or any specific device type. It's simply accessible to anyone and anything. The criminals behind such attacks can infect all sorts of devices including laptops, smartphones, Wi-Fi routers, and gaming consoles as well. 538,00 systems were compromised by these crooks between March and December 2021.
The U.S., Indian, Germany, and Indonesian were the countries that had the most attacks.
Despite the massive increase in the number of infected credit cards and payment data, crooks did not manage to collect more than $5.8 million worth of information. These criminals most likely used stolen credentials belonging to companies that were selling their source codes as a service on platforms such as Roblox and Amazon. However, users should remain calm: despite the high number of stolen user credentials, they are unlikely ever to have been successfully blacklisted or removed from these systems by vendors.
Over the first half of 2022, researchers have observed an intense interest in both Amazon and PayPal credentials. At the same time, they’ve seen an increase in gaming services—such as Roblox, Steam, Epic Games, and PlayStation Store—that cybercriminals are targeting.
Group-IB has found that crooks are targeting users of Amazon, Roblox, and Paypal with phishing emails designed to steal their payment data. The popularity of schemes involving stealers can be explained by the low entry barrier. Because the procedure is entirely automated and the worker's sole responsibility is to generate a file with a phisher under a Telegram bot and direct traffic to it, beginners do not need to possess sophisticated technological knowledge. But the results can be severe for victims whose machines are compromised by a stealer.
Your private payment information is what the thieves want. The official recommendation is to refrain from installing software from shady websites and to routinely delete your cookies. Additionally, it is advised to avoid storing credentials on sites.
Read next: A Phishing Gang Known As Ducktail Is Using LinkedIn and WhatsApp To Hijack Business Accounts on Facebook
