Blog

Key Findings While cybercrime has dramatically increased in the past several years, Card Not Present (CNP) fraud, in particular, has become far more prolific. Regulatory technologies (regtechs) use consortium data harvested from merchant payment networks to authenticate card data and user identity through digital fingerprints to combat CNP fraud. Cybercriminals use anti-fingerprinting tools to bypass […]

Key Findings Over the last few years, the threat of ransomware attacks has made headlines not only for security practitioners, but also across the mainstream media. Ransomware attacks have been growing more widespread due to a high and increasing yield potential. While attack frequency and scale increase, individual and corporate victims often underreport attacks for […]

Key Findings New research by Cyber R&D Lab detailed a method of bypassing EMV technology to monetize supposedly secure cards. This method, EMV-Bypass Cloning, leverages information from one technology (EMV chips) and converts it into another less-secure technology (magstripe), which allows fraudsters to rely on their familiar cloning techniques. To test this theory, they chose […]

Key Findings Gemini Advisory has previously reported on the Russian Federal Security Service (FSB) arresting 30 members of a hacker ring. This unusual action by Russian law enforcement included the arrest of known cybercriminal Aleksei Stroganov (AKA “Flint24”). Stroganov owns several businesses that appear to be legitimate, and in recent years increased his cybercriminal activities […]

Key Findings Gemini discovered that the “Keeper” Magecart group, which consists of an interconnected network of 64 attacker domains and 73 exfiltration domains, has targeted over 570 victim e-commerce sites in 55 different countries from April 1, 2017 until the present. The Keeper exfiltration and attacker domains use identical login panels and are linked to […]

Gemini has discovered approximately 165,000 compromised Card Present (CP) payment cards offered for sale on the dark web from a breach of the Southern fast-food restaurant Chicken Express. It affected at least 56 locations.