Skip to main content

No safe haven: the global Secret Service hunt for three hackers

posted onAugust 1, 2012
by l33tdawg

Dave & Buster's store #32 in Islandia, New York—a restaurant and electronic funhouse for adults—seemed an unlikely target for an international credit card theft ring. Certainly no patron drinking beer and shooting miniature basketballs into a miniature hoop expected their credit card data to end up inside an encrypted Latvian server, waiting to be sold off to international criminals who would ring up more than $600,000 in charges on the cards. But that was because no patron knew anything about the Estonian hacker Aleksandr "JonnyHell" Suvorov.

On May 18, 2007, Suvorov electronically entered the point of sale (POS) server at store #32. Every Dave & Buster's has a POS server, which vacuums up all the credit card data collected by each store's credit card swipe terminals and relays it upstream to a payment processor for verification and approval of the transaction. With full access to the server, Suvorov had no trouble installing a customized bit of code called a packet sniffer, and the program promptly turned its digital nose upon all traffic flowing into and out of the server. The sniffer used this privileged position to find and extract from the data stream the key "track 2" data—numbers and expiration dates, but not names—from every credit card used in store #32, saving it to a local file creatively named "log" for later retrieval.

Source

Tags

Hackers Law and Order

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th