Gemini has discovered approximately 165,000 compromised Card Present (CP) payment cards offered for sale on the dark web from a breach of the Southern fast-food restaurant Chicken Express. It affected at least 56 locations.
Key Findings Russian media reported that the Russian Federal Security Service (FSB) arrested 30 members of a hacker ring on March 20, 2020. The hackers purportedly specialized in selling compromised debit and credit cards stolen from foreign citizens. Around the same time as these arrests, Gemini noted that a popular dark web marketplace known as […]
By Stas Alforov and Christopher Thomas Key Findings In late 2019, the popular e-commerce platform Volusion was compromised in a Magecart attack. While some reports claimed that the breach affected up to 20,000 online stores, 6,589 were confirmed to be connected to the compromised domain. Gemini Advisory determined that the script was dynamically injected into […]
By Stas Alforov and Christopher Thomas Key Findings The Joker’s Stash marketplace, one of the largest and most notorious dark web marketplaces for buying stolen payment card data, began uploading records from its latest major breach on January 27. The breach was titled “BIGBADABOOM-III.” Gemini determined that the point of compromise for BIGBADABOOM-III is Wawa, […]
By Stas Alforov and Christopher Thomas Key Findings As cybercrime levels around the world continue to rise, Australia has seen an increasing number of incidents. However, official statistics show that the rate of increase is slowing in Australia, offering an optimistic outlook for the nation’s countermeasures. From 2018 to 2019, Gemini observed Australian payment card […]
By Stas Alforov and Christopher Thomas Key Findings In December 2018, Gemini Advisory covered a breach of Click2Gov, a self-service bill-pay portal for utilities, community development, and parking tickets, which compromised over 300,000 payment card records from dozens of cities across the United States and Canada between 2017 and late 2018. Gemini has now observed […]