Turkey’s Staggering Credit Card Breach: Half a Million Users Exposed!
Turkey’s Staggering Credit Card Breach: Half a Million Users Exposed!
In a recent and alarming cybersecurity incident, a whopping 463,378 credit and debit card details from Turkey were swiped and put up for sale on a shady online marketplace called Joker Stash. This massive breach, which went down between October 28 and November 27, was spotted by Group-IB, a top-notch Singapore-based cybersecurity firm, and reported to ZDNet.
The Unprecedented Scale of the Breach
Group-IB researchers pointed out that such a large-scale sale of Turkish card details is a super rare event. This incident marks the biggest breach involving Turkish banks in the past year. The bad guys are estimated to have raked in over $500,000 from selling this sensitive info on the dark web.
Sensitive Information Compromised
Dmitry Shestakov, the Head of Cybercrime Research at Group-IB, spilled the beans that the stolen data includes:
- Card expiration dates
- CVC/CVV codes
- Cardholder names
- Email addresses
- Phone numbers
Shestakov reckons that the data was likely snatched through phishing sites, nasty software, or hacked online stores using JavaScript skimmers. The latter is thought to be the most likely method used in this breach.
Responsible Disclosure and Response
Upon discovering the breach, Group-IB quickly tipped off the relevant Turkish authorities, enabling them to take action to minimize the damage. This responsible disclosure shows how crucial swift action is when facing cybersecurity threats.
VPN Vulnerabilities Exposed
In another troubling turn of events, security researchers have uncovered a new vulnerability (CVE-2019-14899) affecting Linux and Unix-based operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android. This flaw lets attackers on the same network intercept and mess with encrypted VPN traffic.
Impact on VPN Technologies
The vulnerability hangs out in the network stack of the operating systems, affecting popular VPN protocols like OpenVPN, WireGuard, and IKEv2/IPSec. By exploiting this vulnerability, attackers can:
- Discover the virtual IP address assigned by the VPN server
- Keep an eye on connections to specific websites
- Intercept TCP traffic
Affected Systems
Researchers successfully tested the exploit on various systems, including:
- Ubuntu 19.10
- Fedora
- Debian 10.2
- Arch 2019.05
- Manjaro 18.1.1
- Deepin
- FreeBSD
- OpenBSD
The researchers have given the affected systems a heads-up and plan to spill the technical details of the vulnerability once the necessary patches are out.
Intel CPUs Vulnerable to PlunderVolt Attack
Security researchers have spotted a new attack, named PlunderVolt (CVE-2019-11157), targeting modern Intel CPUs. This attack messes with the voltage settings of the CPU to snatch sensitive information, like encryption keys, from the Intel Software Guard Extensions (SGX).
Exploiting Voltage Settings
Intel SGX is designed to protect sensitive data within secure enclaves. However, by tweaking the voltage settings, attackers can compromise the integrity of these enclaves. This method is particularly worrying as it can be carried out by malware that takes control of the operating system.
Intel’s Response
Intel has rolled out microcode and BIOS updates to fix this vulnerability, urging users to apply these patches to protect their systems.
Windows Zero-Day Vulnerability
Microsoft’s December 2019 update tackled 36 security vulnerabilities, including a critical zero-day vulnerability (CVE-2019-1458) in Google Chrome. This privilege escalation vulnerability, reported by Kaspersky, lets attackers execute arbitrary code on affected systems.
Mitigation and Recommendations
Users are strongly advised to update their systems and browsers to the latest versions to guard against these vulnerabilities. For more info, check out the Microsoft Security Update Guide.
