TrickBot and Gozi Malware Case Study – Online Payment Card Processing
In their rush to move online many companies neglect crucial security measures. Now they are a target for cybercrime because the data that they collect is attractive to criminals. Targeted information includes: contact information, birthdays, passport numbers, and credit card credentials.
In 2018, an online travel agency, experiencing almost $1 million in losses, contacted BlueVoyant to assist with a chargeback fraud incident. An unknown threat actor was able to access the agency's cloud-based payment card processing application using stolen credentials, putting clients at risk for credit card fraud, damaging the reputation of the agency and risking their PCI compliance.