500,000 Credit Cards Stolen in Australian Point-of-Sale Hack
Australian Police are actively searching for a band of Eastern European Hackers responsible for conducting a point-of-sale hack on 500,000 people in Australia. This is related to the similar situation of the hack on the Subway restaurant chain in the United States.
Apparently, the intrusion occurred at an unidentified merchant. The attack vector from the hackers involved installing keylogging software on point-of-sale terminals. Here’s the major conduit for the attack, though… the company affected used default passwords on their systems and did not encrypt their data.
How easy was it for the hackers to attack? A simple vulnerability that could have been used 5-6 years or more ago… Microsoft Remote Desktop Protocol (RDP). It is imagined that the hackers had the main advantage, and the company was simply asking for it.
Now, these hackers, probably part of the same Romanian group that hacked/breached the Subway restaurant chain the US, their motive is likely to hack vulnerable systems in order to receive financial data. Obviously, the aim to use the credit cards illegally, there is some concern of over 80,000 credit cards being already compromised and possibly millions of dollars funneled.
This blog will try to update more on this story as evidence comes in. Stay tuned!