26 Jul 2013
US authorities charged five people for operating one of the largest-ever hacking attacks against corporate networks with estimated losses of hundreds of millions of dollars and the theft of over 160 million bank card numbers.
The US federal authorities prosecuted four Russians and a Ukrainian for penetrating databases and computer networks of major companies worldwide, including NASDAQ, JCPenney, JetBlue, TJX, 7-Eleven, Visa Jordan, Diners Singapore, Wet Seal Dow Jones and Dexia .
The police indictment includes a list of methods used by hackers to carry out the attacks. According to the official report, the weapons of choice include SQL injections, malware and tunneling. After stealing the credit card numbers, hackers sold the card information to third parties for fees ranging from $10 to $50 apiece, independent security journalist Brian Krebs reports on his blog.
The five targeted card processors, retailers and banks in a campaign that started in 2005 as part of a gang apparently lead by the hacker Albert “Soupnazi” Gonzales who is currently in jail serving a two-decade sentence for breaching the servers of renowned businesses and accessing their sensitive data. Heartland Payment Systems is among his victims.
"This type of crime is the cutting edge," ” the New Jersey US Attorney Paul Fishman said, as reported by the Security Week. “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy and our national security.”