Updated on 2022-10-26: Carding op leaks data
Group-IB researchers said they identified a misconfigured server that was hosting the control panels for two point-of-sale malware strains named MajikPOS and Treasure Hunter. According to the researchers, the two panels were holding details for 167,000 payment cards—worth on the carding underground an estimated $3.34 million. Read more:
- MajikPOS Uses PoS Malware, RATs for Malicious Tricks
- TreasureHunter Point-of-Sale Malware and Builder Source Code Leaked
- Treasure trove. Alive and well point-of-sale malware
Overview
Threat actors leveraged two POS malware strains—Treasure Hunter and MajikPOS—to pilfer the details of 167,000 credit cards from payment terminals. Read more: Payment terminal malware steals $3.3m worth of credit card numbers – so far
