Authorities bust global credit card fraud network targeting POS terminals and ATMs in Europe

The criminal group rigged POS devices in European shopping centers with rogue card readers and malware, Europol said

A global credit card fraud network was shut down on Thursday as the result of an international police operation called "Pandora-Storm" that saw the participation of 20 law enforcement agencies from Europe, America and Australia, Europol announced,

The organized crime group stole credit and debit card details and PIN codes by manipulating point-of-sale (POS) terminals in big shopping centers across Europe using sophisticated methods, the European law enforcement agency said Thursday in a press release.

[ IN THE NEWS: Researchers uncover vSkimmer malware targeting point-of-sale systems]

Members of the group used the stolen data to create counterfeit payment cards that were then used for illegal transactions outside of Europe, in countries like the U.S., Argentina, Colombia, the Dominican Republic, Japan, Mexico, South Korea, Sri Lanka and Thailand.

The credit card fraud network was primarily controlled from Romania and affected around 36,000 card holders from 16 European countries, according to Europol. In addition to physically manipulating POS terminals and rigging them with rogue credit card readers, the group also used malicious software developed for such systems and engaged in online fraud activities, the agency said.

Illegal electronic equipment, stolen financial data, cloned cards and cash were seized during house searches in Romania and the U.K., Europol said. Two illegal workshops for producing hardware and software designed for POS manipulation have been discovered and shut down, the agency said.

The investigation was run by the Romanian Cybercrime Unit and a specialized division of prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) with support from law enforcement agencies from other countries that collaborated through Europol.

Eighty-five house searches were conducted across multiple Romanian counties, DIICOT said Thursday in a press release. At the same time, property searches were also being conducted in the U.S., Germany, U.K., and the Dominican Republic, the agency said.

Seventy people have been detained in Romania and have been brought in for questioning at the DIICOT central headquarters. The agency has identified four individuals who are believed to be the leaders of several criminals groups that formed the credit card fraud network. Combined, these groups have over 100 members, DIICOT said.

The groups did not only target POS terminals, but also ATMs with the use of skimming devices, DIICOT said. The fraud losses are estimated at over a!2 million (US$2.5 million).

Source