Re: [Full-Disclosure] Hackers View Visa/MasterCard Accounts

From: Kevin Spett (kspett@spidynamics.com)
Date: 02/18/03

  • Next message: KF: "Re: [Full-Disclosure] Hackers View Visa/MasterCard Accounts"
    From: "Kevin Spett" <kspett@spidynamics.com>
    To: <jasonc@science.org>, <full-disclosure@lists.netsys.com>
    Date: Tue, 18 Feb 2003 10:59:34 -0500
    

    Here's an excerpt from the posting to net-security.org:

    ---------
    The hacker breached the security system of a company that processes credit
    card transactions on behalf of merchants, Visa and MasterCard said.
    ---------

    Looks like someone just ran off with a database. I haven't done any math,
    but I'd think that brute forcing that many card numbers and expiration dates
    would take ages.

    Kevin.

    ----- Original Message -----
    From: "Jason Coombs" <jasonc@science.org>
    To: <full-disclosure@lists.netsys.com>
    Sent: Tuesday, February 18, 2003 4:28 AM
    Subject: [Full-Disclosure] Hackers View Visa/MasterCard Accounts

    > So, anyone know whether this was a simple "real-time credit card
    processing
    > oracle" attack where a tool throws fake orders at sites that provide
    > real-time credit card authorizations until a valid card number and
    > expiration date are found?
    >
    > Any third-grader with a copy of Microsoft .NET or Java 2 class libraries
    > could whip up the code needed to bang away at the typical e-commerce site
    > logging rejected orders due to invalid credit card payment and revealing
    > card numbers and expiration dates that can be used for fraud in a variety
    of
    > ways.
    >
    > There must be such credit card "hacking" tools circulating for the benefit
    > of script kiddies -- anyone looked into this before? If so, will you share
    > some references?
    >
    > Jason Coombs
    > jasonc@science.org
    >
    > --
    >
    > Hackers View Visa/MasterCard Accounts
    >
    > Mon February 17, 2003 11:17 PM ET
    >
    > NEW YORK (Reuters) - More than five million Visa and MasterCard accounts
    > throughout the nation were accessed after the computer system at a third
    > party processor was hacked into, according to representatives for the card
    > associations.
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



    Relevant Pages

    • Re: Travels....Day 9
      ... the same card and every station treats it differently. ... me a five dollar credit to boot..if more people would make a fuss ... for fraudulent charges made with your card or account information. ... Your peace of mind and protection are paramount to Visa. ...
      (rec.outdoors.rv-travel)
    • Re: Travels....Day 9
      ... the same card and every station treats it differently. ... me a five dollar credit to boot..if more people would make a fuss ... for fraudulent charges made with your card or account information. ... Your peace of mind and protection are paramount to Visa. ...
      (rec.outdoors.rv-travel)
    • Re: Travels....Day 9
      ... the same card and every station treats it differently. ... me a five dollar credit to boot..if more people would make a fuss ... for fraudulent charges made with your card or account information. ... Your peace of mind and protection are paramount to Visa. ...
      (rec.outdoors.rv-travel)
    • Re: Travels....Day 9
      ... the same card and every station treats it differently. ... me a five dollar credit to boot..if more people would make a fuss ... for fraudulent charges made with your card or account information. ... Your peace of mind and protection are paramount to Visa. ...
      (rec.outdoors.rv-travel)
    • Re: Travels....Day 9
      ... the same card and every station treats it differently. ... me a five dollar credit to boot..if more people would make a fuss ... for fraudulent charges made with your card or account information. ... Your peace of mind and protection are paramount to Visa. ...
      (rec.outdoors.rv-travel)