Blog


FSB Takes Down Top-Tier Marketplace, Arrests Admins

Key Findings Russian media reported that the Russian Federal Security Service (FSB) arrested 30 members of a hacker ring on March 20, 2020. The hackers purportedly specialized in selling compromised debit and credit cards stolen from foreign citizens.  Around the same time as these arrests, Gemini noted that a popular dark web marketplace known as […]

Read more

Breached Volusion Card Data Surfaces in Dark Web

By Stas Alforov and Christopher Thomas Key Findings In late 2019, the popular e-commerce platform Volusion was compromised in a Magecart attack. While some reports claimed that the breach affected up to 20,000 online stores, 6,589 were confirmed to be connected to the compromised domain. Gemini Advisory determined that the script was dynamically injected into […]

Read more

Breached Wawa Payment Card Records Reach Dark Web

By Stas Alforov and Christopher Thomas Key Findings The Joker’s Stash marketplace, one of the largest and most notorious dark web marketplaces for buying stolen payment card data, began uploading records from its latest major breach on January 27. The breach was titled “BIGBADABOOM-III.” Gemini determined that the point of compromise for BIGBADABOOM-III is Wawa, […]

Read more

Australian Cyberfraud: Holding the Line

By Stas Alforov and Christopher Thomas Key Findings As cybercrime levels around the world continue to rise, Australia has seen an increasing number of incidents. However, official statistics show that the rate of increase is slowing in Australia, offering an optimistic outlook for the nation’s countermeasures. From 2018 to 2019, Gemini observed Australian payment card […]

Read more

Second Wave of Click2Gov Breaches Hits United States

By Stas Alforov and Christopher Thomas Key Findings In December 2018, Gemini Advisory covered a breach of Click2Gov, a self-service bill-pay portal for utilities, community development, and parking tickets, which compromised over 300,000 payment card records from dozens of cities across the United States and Canada between 2017 and late 2018. Gemini has now observed […]

Read more

South Korean Breach Exposes Over 1 Million Payment Cards

By Stas Alforov and Christopher Thomas Key Findings While the entire Asia Pacific (APAC) region is experiencing a noticeable uptick in attacks against brick-and-mortar and e-commerce businesses, South Korea has emerged as the largest victim of Card Present (CP) data theft by a wide margin.  Gemini Advisory observed a spike in South Korean-issued CP records […]

Read more