Hacks

If you're among those millions of customers who shopped at any of 850 Wawa stores last year but haven't yet hotlisted your cards, it's high time to take immediate action. That's because hackers have finally put up payment card details of more than 30 million Wawa breach victims on sale at Joker's Stash, one of the largest dark web marketplaces where cybercriminals buy and sell stolen payment card data. As The Hacker News  reported  last month, on 10th December Wawa learned that its point-of-sale servers had malware installed since March 2019, which stole payment details of its customers from potentially all Wawa locations. At that time, the company said it's not aware of how many customers may have been affected in the nine-month-long breach or of any unauthorized use of payment card information as a result of the incident. Now it turns out that the Wawa breach marked itself in the list of largest credit card breaches ever happened in the history of the U...

A new malware campaign dubbed “RevengeHotels” targeting hotels, hostels, hospitality, and tourism companies worldwide aimed to steal credit card data of users and Travelers from hotel management systems. The campaign uses email as the main attack vector to deliver malware via weaponized Word, Excel or PDF documents. In some cases, it exploits patched Remote Code Execution Vulnerability  CVE-2017-0199  in Microsoft Office or WordPad. Researchers from Kaspersky observed tow hacking groups ProCC and RevengeHotels targeting the hospitality sector and they found to be active at least from 2015. Tactics Used – RevengeHotels Threat actors use to register typo-squatting domains impersonating the legitimate company names to trick the user believing the email is from the legitimate source. They use to send emails with details for booking hotels and the spear-phishing email written in the Portuguese language with the malicious file named  Reserva Advogados Associados(...

Researchers discovered a new trojan Masad Stealer to deliver the powerful spyware on the targeted systems and exfiltrate the stolen data via Telegram. Masad Stealer using Telegram as a command and control channel to maintain the anonymity and hide the malware communication traffic. Recent pas, several hacking groups are abusing the Telegram and used it as a part of their attack in different categories of a malicious campaign. Malware developers who behind the Masad Stealer advertised in the underground hacking forums as it is capable of steals browser data, which might contain usernames, passwords, and credit card information. Also, it automatically replaces the own cryptocurrency wallets from the clipboard with the help of the Telegram bot that controlled by the attacker behind the scene. Researchers believe that Masad Stealer is currently an ongoing campaign and actively attacking the thousands of victims around the world. also, the command and control bot stil...