Massive webshop fraud ring steals credit cards from 850,000 people

A massive network of 75,000 fake online shops called ‘BogusBazaar’ tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders.

Additionally, millions of stolen credit card details were resold on dark web marketplaces, allowing other threat actors to purchase them and perform unauthorized online purchases.

According to a report by the German cybersecurity firm Security Research Labs GmbH (SRLabs), the BogusBazaar network has attempted to process an estimated $50 million in fake purchases since the operation launched three years ago.

Most of the victims are concentrated in the United States and Western Europe. At the same time, there are virtually no victims from China, which is thought to be the operational base of the scam operation.

Origin of purchases on BogusBazaar shops
Source: SRLabs

A massive network of fake webshops

BogusBazaar is a highly organized operation that has launched over 75,000 fake webshops since 2021, although the number of active sites has recently diminished to over 22,500.

The cybercriminals host the fake shops on previously expired domains that have a good reputation with Google, and typically pretend to sell shoes and clothing at very low prices.

The sites are created semi-automatically and feature custom names and logos, so there’s some effort to raise the quality and, with it, the perceived legitimacy of the shop.

One of the fraudulent shops
Source: SRLabs

The payment pages on these sites either collect the victims’ contact and credit card details or take their money via PayPal, Stripe, and credit card payments for non-existent orders that the victims will never receive.

SRLabs says the cybercrime group is organized, featuring distinct teams with dedicated roles operating under an infrastructure-as-a-service model.

“The group has adopted an ‘infrastructure-as-a-service’ model: A core team is responsible for infrastructure management, while a decentralized network of franchisees operates fraudulent shops,” reads the SRLabs report.

“The BogusBazaar core team deploys infrastructure and appears to operate only a small number of fake webshops. The core team is responsible for developing software, deploying backends, and customizing various WordPress plugins that support fraud operations.”

The researchers say the management and developers behind the operation are creating customized WooCommerce WordPress plugins used to…

Click Here to Read the Full Original Article at BleepingComputer…