Skip to main content

Packet sniffers used to lift payment card data

Interesting to read that high-tech fraudsters used packet sniffing technology to lift payment card data from eleven Dave & Buster's restaurant locations across the US over the last year.

According to the Ars Technica newswire, two of men - Maksym "Maksik" Yastremskiy and Aleksandr "JonnyHell" Suvorov - are being held on 27 counts including aggravated identity theft, unauthorised computer access involving an interstate communication, and interception of electronic communications.

The two men are said to have used fake IDs to get them into the IT rooms of the restaurants and installed packet sniffers between April and September of last year.

The volume of card data they managed to swipe (if you'll pardon the pun) remains unknown, but police have revealed that the men managed to lift at least 5,000 sets of card data from the New York restaurant alone.

The third man, Albert Gonzalez, wrote the packet sniffing software the other two used.

His software was buggy, apparently requiring a restart whenever a server was rebooted and, this, say the newswire reports, is almost certainly the reason why his two colleagues got caught revisiting the stores concerned.

Doh! that's almost worthy of Homer Simpson in terms of complete stupidity