mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

18K
active users

#creditcard

3 posts3 participants1 post today

An interesting article that is published by the #gardian #newspaper about a €500,000 #jackpot in #france that is won by thieves.

While the situation is legally complex, #french #law would likely favor Jean-David as the rightful beneficiary of the jackpot, given that the scratchcard was purchased using his stolen #creditcard . The thieves have no legal claim to the winnings, and the #lottery operator may refuse to pay out the prize to them. :blobcatcoffee:

theguardian.com/world/2025/feb

The Guardian · Share of €500,000 jackpot offered to men who bought scratchcard with stolen credit cardBy Kim Willsher

Evolving Snake Keylogger Variant

A new variant of Snake Keylogger, identified as AutoIt/Injector.GTY!tr, has been detected by FortiSandbox v5.0. This malware has attempted over 280 million infections, primarily targeting China, Turkey, Indonesia, Taiwan, and Spain. Snake Keylogger steals sensitive information from popular web browsers by logging keystrokes, capturing credentials, and monitoring the clipboard. It exfiltrates data to its command-and-control server using SMTP and Telegram bots. FortiSandbox's advanced AI engine, PAIX, detected the malware through static and dynamic analysis, revealing its use of AutoIt for obfuscation, process hollowing techniques, and persistence mechanisms. The keylogger also employs specialized modules to steal credit card details and leverages the SetWindowsHookEx API for keystroke capture.

Pulse ID: 67b6ec84ef28beb77cd2fded
Pulse Link: otx.alienvault.com/pulse/67b6e
Pulse Author: AlienVault
Created: 2025-02-20 08:49:08

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#Autoit#Browser#China

New Phishing Campaign Abuses Webflow to Steal Credit Card Data

Pulse ID: 67b148187f4a7b1c7676b208
Pulse Link: otx.alienvault.com/pulse/67b14
Pulse Author: cryptocti
Created: 2025-02-16 02:06:16

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Magento Credit Card Stealer Disguised in an <img> Tag

A sophisticated credit card stealing malware, disguised within an <img> tag, was discovered on a Magento-based eCommerce website. The malware uses Base64 encoding to hide its malicious JavaScript code, making it difficult to detect. It activates on the checkout page, waiting for user interaction before collecting credit card information. The script creates a hidden form to capture card details and sends the data to a remote server. This technique allows the malware to avoid detection by security scanners and remain unnoticed by users. The article emphasizes the importance of keeping eCommerce platforms updated, using web application firewalls, enforcing strong passwords, and implementing additional security measures to protect against such attacks.

Pulse ID: 67ad4753d4321b2931985f2c
Pulse Link: otx.alienvault.com/pulse/67ad4
Pulse Author: AlienVault
Created: 2025-02-13 01:13:55

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Parents Gaming #Kids#CreditScores
Credit scores are meant to be neutral measures of someone’s financial reliability, but in practice, they’re an easy way for some better-off families to give children an early financial advantage. Services promise to help parents ensure kids enter adulthood with good scores. When parents add children as “authorized user” on their #creditcard, makes parents spending and payment habits a part of her credit history.
theatlantic.com/family/archive
archive.ph/GFA4T

The Atlantic · Parents Are Gaming Their Kids’ Credit ScoresBy Michael Waters

#ElizabethWarren: #codered: it's all about the money: #Trump campaigned to help working people but is doing the EXACT OPPOSITE in office

#drillbabydrill #scam baby #scam

#elonmusk and #project2025 author #RussellVought TRY TO DELETE #CFPB (Consumer Financial Protection Bureau)
en.wikipedia.org/wiki/Consumer

a #agency protecting #citizens from #finance #fraud the #financemafia that has lost it's #moralcompass centuries ago, or never had one to begin with

#banksters will trick you in every possible way to extract the last Dime out of you, the probably not so rich

if this goes through it will make things worse for ordinary people #usa you are #doomed

I love how credit card companies offer "cash back". It's evil but brilliant. The vendor has to charge you more to cover the card fees of which you get a small percentage returned to you. You're literally paying more so you can feel all chuffed when they give some of it back to you.

The best part? You'd be a fool not to take that deal. Heads they win, tails you lose. F5g brilliant .

Hackers Exploit Google Tag Manager to Steal Credit Card Data

Pulse ID: 67a9cc6c621d0078e96848a1
Pulse Link: otx.alienvault.com/pulse/67a9c
Pulse Author: cryptocti
Created: 2025-02-10 09:52:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach

A mobile malware campaign targeting Indian banks has been uncovered, comprising nearly 900 samples aimed at Android devices. The malware, distributed via WhatsApp as fake government or banking apps, steals sensitive financial and personal data, including Aadhar and PAN card details, credit card information, and banking credentials. It intercepts SMS messages, including OTPs, to facilitate unauthorized transactions. The campaign uses three variants: SMS forwarding, Firebase exfiltration, and a hybrid approach. Over 222 exposed Firebase storage buckets contained 2.5GB of stolen data from an estimated 50,000 users. The malware's phone numbers were traced to West Bengal, Bihar, and Jharkhand. The campaign impersonates various Indian banks and government schemes to increase its reach.

Pulse ID: 67a3e1a5a92ee7be6049e0a0
Pulse Link: otx.alienvault.com/pulse/67a3e
Pulse Author: AlienVault
Created: 2025-02-05 22:09:41

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

From Credit Card Skimming to Exploiting Zero-Days

XE Group, a cybercriminal organization active since 2013, has evolved from credit card skimming to exploiting zero-day vulnerabilities. The group initially focused on web vulnerabilities and supply chain attacks but has now shifted to targeted information theft in manufacturing and distribution sectors. They have demonstrated increased sophistication by exploiting previously undocumented vulnerabilities in VeraCore software, including an SQL injection flaw and an upload validation vulnerability. XE Group maintains long-term access to compromised systems, as evidenced by their reactivation of a webshell planted years earlier. Their recent activities involve exfiltrating config files, network reconnaissance, and deploying a Remote Access Trojan using obfuscated PowerShell commands. The group's evolution highlights their adaptability and growing threat to supply chain security.

Pulse ID: 67a1237da9ade8e303e6d713
Pulse Link: otx.alienvault.com/pulse/67a12
Pulse Author: AlienVault
Created: 2025-02-03 20:13:49

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Phishing Campaign Impersonates Amazon Prime to Steal Credit Card Data

Sophisticated phishing targets Amazon Prime members to steal credit card data

Pulse ID: 679c478b3f12b2eef4f13104
Pulse Link: otx.alienvault.com/pulse/679c4
Pulse Author: cryptocti
Created: 2025-01-31 03:46:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
Replied in thread

@dave and most worringly:

"How is any #bank allowed to open up accounts, Issie a #CreditCard and ship it without explicit prior consent of you as the customer who's name it's on?"

  • I mean, I know the #USA is pressing other Juristictions into #KYC & #AML whilst #CashApp & #Venmo are illegal in the #EU for lack of KYC & AML compliance alone...

Like ain't they afraid someone may steal it and swipe a shitload of stuff with it?

Phishing Campaign Baits Hook With Malicious Amazon PDFs

A new phishing tactic has emerged, using PDF documents to trick victims by announcing expired Amazon Prime memberships. The campaign targets users via email, containing PDF attachments that lead to fake Amazon pages requesting personal and credit card information. Researchers from Palo Alto Networks Unit42 discovered 31 PDF files linking to these phishing sites, none of which had been submitted to VirusTotal. The attack chain begins with an email containing a PDF attachment, which redirects victims to subdomains of duckdns[.]org hosting the phishing website. The campaign uses cloaking techniques to redirect scans and analysis attempts to benign domains. Four initial links were identified as potential threats in this sophisticated phishing operation.

Pulse ID: 6799878f732beab5d331d334
Pulse Link: otx.alienvault.com/pulse/67998
Pulse Author: AlienVault
Created: 2025-01-29 01:42:39

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
Continued thread

4/4: I have been keeping up on the minimal payment through unemployment and the pandemic without a break. This is extortion, plain and simple.
With all the recent news about Luigi Mangione, I'm surprised that no one ever took a shot at a Chase executive in the street by now.

Continued thread

2/4: I am living with an elderly sibling with mental health issues who has damaged my property and is intentionally running up my gas bill while continuing to live off my late father's money as he has done his entire life. I can not afford to move out. I am at my wit's end.

ADDENDUM 1/27: The main cause of my increasing debt is an old outstanding balance on a JPMorganChase card on which they are charging interest upon interest.
#creditcard #debt #chase #jpmorganchase

1/4: I posted this elsewhere last week. Reposting with an addendum:

Full disclosure. I am in debt up to my ass. I am constantly applying for jobs and not hearing back. I closed out my storage unit last year and am selling off a lot of stuff to keep up on bills and pay for groceries. I may have to file for bankruptcy and close my website that I've had since 2001, almost half my life. (cont.)
#creditcard #debt #chase #jpmorganchase