Operation Carding Action 2020: Cybercriminals stole €800,000 from ATMs in Italy Using Black Box Attacks

Cybercriminals have stolen money from at least 35 ATMs and Cash dispensers which were operated by Italian banks with new black box attack techniques.

The Hungarian and Italian law enforcement agencies supported by Europol carried out an operation named: Carding Action 2020, which has confirmed that around €800.000 has been stolen in just 7 months using ATM Black Box attacks and made few arrests.

They have identified 12 people, 5 of them already have been arrested and 3 currently restricted in Poland, one has returned to Moldova before being stopped and 2 may no longer be on Italian territory.

The gang has multiple logistical bases in the provinces of Vicenza, Parma, Milan, Monza, Bologna, Modena, Viterbo, Mantua, and Rome.

An official press release by Europol revealed the operation was initiated to “mitigate and prevent losses for financial institutions and cardholders,” and Italy and Hungary agencies’ operations were supported by the UK.

“Europol targeted fraudsters selling and purchasing compromised card details on websites selling stolen credit card data, known as card shops, and dark web marketplaces,” the agency said.

“Cybercrime can affect all aspects of our daily life, from paying in the supermarket, transferring money to our friends to using online communication tools or Internet of Things devices at home. Cybercriminals can attack us in different ways and this requires a robust response not only from law enforcement, but also from the private sector,” said Edvardas Šileris, Head of Europol’s European Cybercrime Centre (EC3)

Europol played an important part in facilitating the coordination of information between the law enforcement authorities and private sector partners. The experts from Europol supported this operation by analyzing large volumes of data. 90,000 pieces of data were analyzed by Group-IB including compromised cards by phishing websites and end devices infected with Trojans, hijacked e-commerce websites, and JS-sniffers.

Here’s the list of compromised ATMs location:

  • UFF PP TT 12/07/2020 BELLUSCO
  • BANCA POPOLARE DI NOVARA 07/16/2020 CRODO
  • BPM 07/18/2020 WEEKLY
  • BPM 07/20/2020 MORAZZONE
  • UFF PP TT 03/08/2020 SANT’ILARIO D’ENZA
  • CASSA SAVINGS 04/08/2020 SAONARA
  • UFF PP TT 08/05/2020 CARUGATE
  • UFF PP TT 08/08/2020 PESSANO WITH BORNAGO
  • UFF PP TT 08/18/2020 SEVESO
  • UFF PP TT 08/19/2020 FAGNANO OLONA
  • BBPM 08/21/2020 COMO
  • BANCA INTESA 08/27/2020 GRONTARDO
  • BBPM 01/09/2020 BREMBATE DI ABOVE
  • UFF PP TT 01/09/2020 SIZIANO
  • UFF PP TT 02/09/2020 MELZO
  • UFF PP TT 09/04/2020 CARATE BRIANZA
  • UFF PP TT 07/09/2020 SENAGO
  • UFF PP TT 11/09/2020 BRESCIA
  • BPM 11/09/2020 PARMA
  • UFF PP TT 09/14/2020 BUSNAGO
  • BBPM 09/18/2020 ROZZANO
  • BBPM 09/18/2020 CARONNO PERTUSELLA
  • UFF PP TT 21/09/2020 GHEDI
  • BBPM 09/22/2020 CASARILE
  • BBPM 09/24/2020 MACHERIO
  • BBPM 09/30/2020 RESCALDINA
  • BBPM 09/30/2020 LIMENA
  • VOLKS 21/10/2020 VILLAVERLA
  • UNICREDIT 22/10/2020 GRISIGNANO DI ZOCCO
  • BANCO S. MARCO 10/28/2020 SPINEA
  • BANCA CAMBIANO 10/30/2020 MONTELUPO FIORENTINO
  • BBPM 11/06/2020 BIASSONO
  • BBPM 11/8/2020 Santo Srefano Ticino
  • BCC 10/11/2020 Junction of Capannelle (RM)
  • OFFICE PP. TT. 11/11/2020 Vermicino- Frascati


Source: The Hack Today

Leave a Reply