Friday, October 16, 2015

Hacking group stole credit card data of 150K casino customers

Hacking group stole credit card data of 150K casino customers




The personal information of 150,000 customers of an as-yet-unnamed casino was compromised following an incursion by the "Fin5" hacking group.
The personal information of 150,000 customers of an as-yet-unnamed casino was compromised following an incursion by the "Fin5" hacking group.
The personal information of 150,000 customers of an as-yet-unnamed casino was compromised following an incursion by the "Fin5" hacking group, according to The Register.
Barry Vengerik and Emmanual Jean-Georges of FireEye's Mandiant team determined that the hackers, already known for their use of “RawPOS” malware to siphon data from PoS devices, had been in the casino's system for a year. They added that the network lacked basic protections, such as a firewall and logging capabilities.
Vengerik said the gang attacks using stolen credentials, thereby avoiding an initial chance at detection. With a backdoor named Tornhull and a VPN called Flipside, the perpetrators then target Active Directory to gain further credentials.
The incursion illustrates how enterprises should safeguard any egress that third-parties have to corporate networks, Vengerik said.
The casino has since updated its security posture to include two-factor authentication, application whitelisting and more logging.


http://www.scmagazine.com/hacking-group-stole-credit-card-data-of-150k-casino-customers/article/446251/#
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)