Re: [Full-Disclosure] Hackers View Visa/MasterCard Accounts
From: Kevin Spett (kspett@spidynamics.com)
Date: 02/18/03
- Previous message: Richard M. Smith: "RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- In reply to: Jason Coombs: "[Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- Next in thread: John.Airey@rnib.org.uk: "RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kevin Spett" <kspett@spidynamics.com> To: <jasonc@science.org>, <full-disclosure@lists.netsys.com> Date: Tue, 18 Feb 2003 10:59:34 -0500
Here's an excerpt from the posting to net-security.org:
---------
The hacker breached the security system of a company that processes credit
card transactions on behalf of merchants, Visa and MasterCard said.
---------
Looks like someone just ran off with a database. I haven't done any math,
but I'd think that brute forcing that many card numbers and expiration dates
would take ages.
Kevin.
----- Original Message -----
From: "Jason Coombs" <jasonc@science.org>
To: <full-disclosure@lists.netsys.com>
Sent: Tuesday, February 18, 2003 4:28 AM
Subject: [Full-Disclosure] Hackers View Visa/MasterCard Accounts
> So, anyone know whether this was a simple "real-time credit card
processing
> oracle" attack where a tool throws fake orders at sites that provide
> real-time credit card authorizations until a valid card number and
> expiration date are found?
>
> Any third-grader with a copy of Microsoft .NET or Java 2 class libraries
> could whip up the code needed to bang away at the typical e-commerce site
> logging rejected orders due to invalid credit card payment and revealing
> card numbers and expiration dates that can be used for fraud in a variety
of
> ways.
>
> There must be such credit card "hacking" tools circulating for the benefit
> of script kiddies -- anyone looked into this before? If so, will you share
> some references?
>
> Jason Coombs
> jasonc@science.org
>
> --
>
> Hackers View Visa/MasterCard Accounts
>
> Mon February 17, 2003 11:17 PM ET
>
> NEW YORK (Reuters) - More than five million Visa and MasterCard accounts
> throughout the nation were accessed after the computer system at a third
> party processor was hacked into, according to representatives for the card
> associations.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Next message: KF: "Re: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- Previous message: Richard M. Smith: "RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- In reply to: Jason Coombs: "[Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- Next in thread: John.Airey@rnib.org.uk: "RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
