Russian hackers steal credit card data – What hides behind the arrests?

Russian Hackers Accused of Credit Card Data Theft

Russian authorities have publicly accused six suspects of stealing data from 160,000 credit cards and payment information from foreign online stores. The perpetrators, using malicious software, attempted to bypass the security measures of websites to obtain necessary data from databases.

Hackers’ Methods of Operation

The data theft was carried out by copying account information and storing it on remote servers. Subsequently, the stolen data was sold on internet forums in the so-called darknet – a part of the internet invisible to the average user.

Case Details

According to reports, the six suspects are: Denis Priymachenko, Alexander Aseev, Alexander Basov, Dmitry Kolpakov, Vladislav Patyuk, and Anton Tolmachev. Considering the charges brought by the authorities, the perpetrators face fines or up to seven years in prison for cybercriminal activities.

Attacks Using the Magecart Method

The tactic of stealing payment data used by Russian hackers is known as Magecart. Attacks of this kind involve compromising insecure websites by injecting malicious code, often JavaScript, on payment pages or other areas of a website where payment information is entered.

The Scope of the Issue

In 2022, nearly 60 million compromised payment card records were put up for sale on darknet platforms. Such attacks are highly popular among Russian cybercriminals, especially in light of the sanctions imposed on Russia after the invasion of Ukraine, which may incentivize criminals to engage in financial crimes.

Arrests and Data Analysis

In 2022, the Russian Federal Security Service arrested the administrator of the internet forum UniCC, where criminals gathered to trade stolen credit card information. An analysis conducted by the group Insight Recorded Future suggests links between the arrests on UniCC and the accusations against Russian hackers for data theft.