chalabala - Fotolia

24 cyber criminals arrested in Europol operation

Romanian police arrest 24 members of a card skimming and cloning operation and identify 47 other suspects

Romanian police have arrested 24 cyber criminals in a Europol operation aimed at dismantling a payment card fraud gang.

Police searched 18 houses in six Romanian counties and seized electronic devices, computers, mobile phones, equipment used to make card skimming devices and around €50,000 in cash.

Europol said the gang had installed skimming devices in several EU member states at automatic bank teller machines and self-service fuel stations to copy the magnetic stripe data from payment cards.

The data gathered was then used to produce cloned payment cards that were used to withdraw cash in non-EU countries, including Nepal, the Philippines, Taiwan and the US, where Chip and PIN technology is not common.

Those arrested are also suspected of establishing or supporting an organised criminal group, illegal software and hardware operations, payment card falsification, fraudulent financial transactions and money laundering.

Europol said the investigation also led to the identification of a further 47 individuals involved in various activities within the criminal group.

Europol’s European Cybercrime Centre (EC3) supported Romanian authorities throughout the investigation, assisting with identifying the suspects and exchanging information with other law enforcement authorities.

Several operational meetings were also held at Europol’s headquarters in The Hague. Europol said its cyber crime experts produced analytical reports on the criminal group’s international activities.

Card cloning is rife

Criminal gangs are able to create clones of legitimate payment cards once they have copied all the necessary information from the card.

Card cloning has been suggested as one way the criminals who raided Tesco Bank could have tapped into 9,000 accounts in a short period of time to steal £2.5m. One of the affected Tesco Bank customers told the Mail Online that withdrawals using a card had been made in Brazil.

Read more about POS malware

  • Cyber criminals will ramp up attacks on point-of-sale systems, according to the 2015 cyber trends and threat analysis by Verisign.
  • The compromise of point-of-sale system supplier Nextep highlights the need to update legacy systems.
  • The theft of credit card data from the Mandarin Oriental hotel group highlights the security risk of legacy point-of-sale systems.

Obtaining the information by using skimming devices is fairly old school, however, with some gangs in more recent times infecting point-of-sale (POS) systems with malware to steal the card data.

In 2015, for example, Cisco researchers discovered PoS malware, dubbed PoSeidon, which was designed to scrape POS devices’ memory for credit card information and exfiltrate that data.

The researchers said the card data can be used to create cloned payment cards, and is typically sold on criminal markets.

Card cloning is particularly rife in countries outside of Europe that have not yet implemented Chip and PIN technology in line with the Europay, MasterCard and Visa (EMV) standard.

In October 2014, then US president Barack Obama issued an executive order aimed at accelerating the adoption of cards that meet the EMV standard.

While EMV is not hack-proof, it provides more security than the magnetic stripe system, with a unique identifier for each transaction and user verification through a PIN code.

Although widely adopted in Europe, where it has been credited with significantly reducing card-present fraud, EMV adoption in the US has been relatively slow.

Read more on Hackers and cybercrime prevention

Data Center
Data Management