Key Findings The Joker’s Stash dark web marketplace, known for advertising and uploading major breaches containing millions of compromised cards, has uploaded its latest breach, titled “BLAZINGSUN.” Gemini Advisory determined that the compromised point of purchase (CPP) was Dickey’s Barbecue Pit, a US-based restaurant franchise. Dickey’s operates on a franchise model, which often allows each […]
Read moreKey Findings Gemini Advisory’s analysts uncovered a September 14, 2020 post on a Russian-language dark web forum by a ransomware team operating under the moniker “LockBit,” in which they advertised starting their own blog under the same name. This entry into the “big leagues” by LockBit was accompanied by a blog post with two databases […]
Read moreKey Findings While cybercrime has dramatically increased in the past several years, Card Not Present (CNP) fraud, in particular, has become far more prolific. Regulatory technologies (regtechs) use consortium data harvested from merchant payment networks to authenticate card data and user identity through digital fingerprints to combat CNP fraud. Cybercriminals use anti-fingerprinting tools to bypass […]
Read moreKey Findings Over the last few years, the threat of ransomware attacks has made headlines not only for security practitioners, but also across the mainstream media. Ransomware attacks have been growing more widespread due to a high and increasing yield potential. While attack frequency and scale increase, individual and corporate victims often underreport attacks for […]
Read moreKey Findings New research by Cyber R&D Lab detailed a method of bypassing EMV technology to monetize supposedly secure cards. This method, EMV-Bypass Cloning, leverages information from one technology (EMV chips) and converts it into another less-secure technology (magstripe), which allows fraudsters to rely on their familiar cloning techniques. To test this theory, they chose […]
Read moreKey Findings Gemini Advisory has previously reported on the Russian Federal Security Service (FSB) arresting 30 members of a hacker ring. This unusual action by Russian law enforcement included the arrest of known cybercriminal Aleksei Stroganov (AKA “Flint24”). Stroganov owns several businesses that appear to be legitimate, and in recent years increased his cybercriminal activities […]
Read more