An underground credit card clearing house has itself been hacked, an investigation by Trend Micro has confirmed.
The operation - a holding firm for anonymous payment service Fethard - processes credit card payments for a rogue's gallery of fake anti-virus (scareware) suppliers, spam-promoted unlicensed pharmaceutical and extreme pornography sites.
Hackers claimed to have breached a server behind its website on 23 July, publishing information online including employee emails and recorded phone calls, one discussing techniques to defraud credit card firms. The perpetrators of the hack and their motive remain unidentified, but it is potentially an assault from cybercrime rivals.
Trend said the information on the unnamed credit card processor, registered in the Netherlands but actually run from Russia and Latvia, checks out. The firm has legitimate customers in Russia as well as rather more unscrupulous clients, reportedly taken on to keep the business afloat after it became the victim of cybercrime itself a few years ago.
"In 2007, a large sum of money was stolen from Fethard’s funds. This has undoubtedly created problems for Fethard and has possibly pulled the mother company deeper into the cybercrime business," Trend Micro researcher Feike Hacquebord explains.
"This hacking incident would probably make a lot of cybercriminals nervous. Unfortunately, the incident also puts the personal data of legitimate customers and of many ordinary Russians at risk." ®