Blog
Ongoing Supply of Compromised Pakistani Payment Cards Suggests Meezan Bank Breach
By Stas Alforov and Christopher Thomas Key Findings In recent months, several security organizations have reported on massive payment card fraud targeting Pakistani financial institutions. Shortly after the initial breach was detected in October 2018, several banks took steps to mitigate damages, reportedly including issuing alerts to customers and blocking online or international use of […]
Japanese Payment Card Fraud Contrasts with Regional Patterns
By Stas Alforov Key Findings Based on the proprietary Gemini Advisory telemetry data collected from various dark web sources over several years, we have determined that in 2018, nearly 1.4 million cards were compromised in the East Asia region, nearly a 100% increase from 2017. Despite the overarching trend of increased fraud in East Asia, […]
Dozens of Municipalities Exposed in Click2Gov Software Compromise
We noticed an out-of-pattern concentration of victims located in small-to-medium US cities. Further analysis of the card data linked to these locations revealed that records likely been stolen from local municipal services that license Click2Gov software
Card Fraud on the Rise, Despite National EMV Adoption
By Stas Alforov Background In 2015, the US financial industry began a massive migration to the EMV standard in response to overwhelming levels of payment card fraud.The inherent security of EMV technology in chip-enabled cards provides end-to-end encryption during card-present transactions, and effectively prevents payment card counterfeiting. EMV rollout was poised to disturb the market […]
Fin7 Syndicate Hacks Saks Fifth Avenue and Lord & Taylor Stores
Key Judgements On March 28, 2018, a JokerStash hacking syndicate announced the release for sale of over five million stolen credit and debit cards In cooperation with several financial organizations, we have confirmed with a high degree of confidence that the compromised records were stolen from customers of Saks Fifth Avenue and Lord & Taylor […]
The Anatomy of Password Reuse Attacks
Background Ever since the early 2000s cyber criminals have known that almost any type of private data not only has a price on the dark web, but also, willing buyers. Since then hackers have used a standard modus operandi, and have been stealing such data by infecting and maintaining control of millions of compromised computers, […]