Everyone in retail can breathe a little easier today knowing that federal authorities have charged David Benjamin Schrooten, or as he is known in cyber space “Foretezza,” with multiple counts of credit card theft.  Allegedly, Schrooten, who is a Dutch national, and his U.S. accomplice, Christopher A. Schroebel, actively hacked retail computer systems in the Seattle area, specifically to obtain credit cards.  Once they stole the desired data, Schrooten is suspected of selling the credit cards on black market Internet sites.

At the time of this posting, it is believed that more than 44,000 credit cards were illegally obtained resulting in millions of dollars of fraudulent charges.  The method for the theft is similar to others that have recently been seen affecting retailers across the country. Everyone who owns a retail business should be familiar with this technique so that they can verify that their own security is sufficient to protect against this type of attack.

Basically the scenario goes something like this – First, a vulnerable POS system is remotely compromised using a variety of hacking methods, and then malware is uploaded that is tailored to the POS system to capture credit card data as it is received from the swipe. The hackers involved need to be sophisticated in order to be successful with this scheme, but with potentially millions of dollars at stake, there is no shortage of criminals willing to put forth the effort.

The reason this story is particularly rewarding is that one of the suspects was in Romania when he was captured by the Romanian National Police. In the past, Romania was one of the countries where cyber criminals had free reign to perform their illegal actions with little risk of reprisals.  This arrest is a good sign that Romania may not be a safe haven for criminals anymore and that the U.S. Department of Justice may be more successful in arresting and prosecuting foreign criminals in the future.  As U.S. Attorney Jenny A. Durkan stated in a press release earlier this week, “Cybercriminals need to know: We will find you and prosecute you.”

All we can say to that is good luck and keep up the good work!

Related Content

User Comments – Give us your opinion!

Features

News

Blogs

User Comments

Products & Services

FireFly Point-of-Sale

http://global.networldalliance.com/new/images/products/4282.png

4282/FireFly-Point-of-Sale

Restaurant technology news, trends & best practices

http://global.networldalliance.com/new/images/products/5079.png

5079/Restaurant-technology-news-trends-best-practices

PeopleMatter SCHEDULE™

http://global.networldalliance.com/new/images/products/4628.png

4628/PeopleMatter-SCHEDULE

Retail ATM - Bar, Lobby, Convenient Store

http://global.networldalliance.com/new/images/products/Triton_RL5000_sm.gif

535/Retail-ATM-Bar-Lobby-Convenient-Store

Low Cost ATM

http://global.networldalliance.com/new/images/products/RL2000_100.gif

1019/Low-Cost-ATM

DriverSafe

http://global.networldalliance.com/new/images/products/keyboard_iix.gif

1424/DriverSafe

Recipes

http://global.networldalliance.com/new/images/products/cubanmedianochepizza_100.jpg

1917/Recipes

Self Serve iPad Ordering

http://global.networldalliance.com/new/images/products/5605.png

5605/Self-Serve-iPad-Ordering

Leapfrog POS App

http://global.networldalliance.com/new/images/products/4559.png

4559/Leapfrog-POS-App

Online Ordering

http://global.networldalliance.com/new/images/products/5931.png

5931/Online-Ordering

PCI Compliance & Network Security

Latest posts by Brad Cyprus
Brad Cyprus
Bradley K. Cyprus has more than 20 years experience in the security industry. He manages the development of in-house solutions to validate compliance, and he is a resource that Vendor Safe customers can rely upon to help interpret the PCI standard.
Website:
Related Content
Request Information From Suppliers
Save time looking for suppliers. Complete this form to submit a Request for Information to our entire network of partners.