An international anti-fraud operation involving seven countries has been successful in shutting down a chain of sites selling stolen credit card numbers and other illegally obtained financial information.
The operation resulted in the seizure of 36 website domains that were being used to sell stolen card data to other criminals. It involved a cooperative effort between the US's Federal Bureau of Investigation (FBI), Germany's Bundeskriminalamt (Federal Police), the Netherlands' Korps Landelijke Politiediensten (National Police Services Agency), Ukraine's Ministry of Internal Affairs, Australia's Federal Police, Romania's National Police and the UK's Serious Organised Crimes Agency (SOCA).
The operation focused on sites that were using e-commerce platforms known as automated vending carts (AVCs) that enabled criminals to quickly sell large numbers of stolen card information. These sites were tracked down and monitored by SOCA, and, with the assistance of the other six law-enforcement organisations, it recovered 2.5 million items of compromised information from the past two years.
By passing this information to the relevant financial institutions, SOCA believes that it can stop fraud from occurring on the affected accounts to the tune of $0.78 billion.
Two men suspected of making large-scale purchases of the compromised data from AVCs have also been arrested by SOCA, and after the agency passed information to Macedonian authorities, the Macedonian Ministry of Interior Cyber Crime Unit arrested a third person alleged to be an AVC operator.
SOCA said that it has seen the number of criminals using AVCs increase in the past 18 months due to its ability to help criminals sell larger stolen financial information in bulk.