Threat Watch

Malware Author Pleads Guilty for Role in Cybercrime Organization

Valerian Chiochiu, aged 30, pleaded guilty in a United States District Court last Friday for his role in the carding-centric organization known as Infraud. This plea came recently after the co-founder and main administrator for Infraud, Sergey Medvedev of Russia, pled guilty on June 26th. For over seven years, Chiochiu, Medvedev and wanted fugitive Svyatoslav Bondarenko of Ukraine operated racketeering schemes that totaled damages of over $560 million USD as part of the Infraud organization. According to the indictment, Chiochiu provided guidance to other Infraud members regarding fraud and carding.  He also admitted to creating the malware strain “FastPOS” to steal payment card account data from Point of Sale (POS) systems.

ANALYST NOTES

As carding, in general, has been ramping up, Binary Defense recommends that retail organizations use a defense-in-depth strategy to protect POS terminal devices. Threat actors typically breach security through phishing and malware on employee workstations, then move laterally using stolen administrator credentials to execute scripts remotely on POS computer systems, injecting instructions into the processes that handle card data to steal account numbers from system memory. All POS systems should be upgraded to process EMV chip cards and use point-to-point encryption. Consumers should be aware of ways to protect credit card purchases, such as using a virtual credit card for all online purchases. Similar to a preloaded gift card, a virtual credit card is a service offered by many banks and credit card companies that allows cardholders to generate a unique temporary card with a set limit on spending (typically a little more than the total purchase). This way, if the card is stolen, it cannot be used for any other transactions.

Source: https://www.justice.gov/opa/pr/malware-author-pleads-guilty-role-transnational-cybercrime-organization-responsible-more-568