

“We are looking for a buyer to access the network of this organization and sell data from their network,” reads the confusingly worded message inserted into multiple recent victim listings on Conti’s shaming blog.

A redacted screenshot of the Conti News victim shaming blog.

FBI agents entering PAX Technology offices in Jacksonville today.

Headquartered in Shenzhen, China, PAX Technology Inc. has more than 60 million point-of-sale terminals in use throughout 120 countries. Earlier today, Jacksonville, Fla. based reported that agents with the FBI and Department of Homeland Security (DHS) had raided a local PAX Technology warehouse. In an official statement, investigators told WOKV only that they were executing a court-authorized search at the warehouse as a part of a federal investigation, and that the inquiry included the Department of Customs and Border Protection and the Naval Criminal Investigative Services (NCIS). The FBI has not responded to requests for comment.

Several days ago, KrebsOnSecurity heard from a trusted source that the FBI began investigating PAX after a major U.S. payment processor started asking questions about unusual network packets originating from the company’s payment terminals. According to that source, the payment processor found that the PAX terminals were being used both as a malware “dropper” - a repository for malicious files - and as “command-and-control” locations for staging attacks and collecting information.

“FBI and MI5 are conducting an intensive investigation into PAX,” the source said. “A major US payment processor began asking questions about network packets originating from PAX terminals and were not given any good answers.”

KrebsOnSecurity reached out to PAX Technology’s CEO on Sunday. The company has not yet responded to requests for comment. The source said two major financial providers - one in the United States and one in the United Kingdom - had already begun pulling PAX terminals from their payment infrastructure, a claim that was verified by two different sources.

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary updated its website to remediate a nearly identical customer data exposure.

Last week, KrebsOnSecurity heard from a reader who was browsing and suddenly found they were looking at someone else’s order information on the website, including their name, billing address, shipping address, phone number, email address, items and total amount purchased, delivery date, tracking link, and the last four digits of the customer’s credit card number. The reader noticed that the link for the order information she’d stumbled on included a lengthy numeric combination that - when altered - would produce yet another customer’s order information.

When the reader failed to get an immediate response from Signet, KrebsOnSecurity contacted the company. In a written response, Signet said, “A concern was brought to our attention by an IT professional. We addressed it swiftly, and upon review we found no misuse or negative impact to any systems or customer data.”

“As a business principle we make consumer information protection the highest priority, and proactively initiate independent and industry-leading security testing. As a result, we exceed industry benchmarks on data protection maturity. We always appreciate it when consumers reach out to us with feedback, and have committed to further our efforts on data protection maturity.”

When Signet fixed similar weaknesses with its Jared and Kay websites back in 2018, the reader who found and reported that data exposure said his mind quickly turned to the various ways crooks might exploit access to customer order information.

“My first thought was they could track a package of jewelry to someone’s door and swipe it off their doorstep,” said Brandon Sheehy, a Dallas-based Web developer. “My second thought was that someone could call Jared’s customers and pretend to be Jared, reading the last four digits of the customer’s card and saying there’d been a problem with the order, and if they could get a different card for the customer they could run it right away and get the order out quickly. Or just targeted phishing attacks.”
