Webshop fraud ring BogusBazaar stole credit cards from thousands

May 13, 2024

A network of about 75,000 bogus internet shops, dubbed ‘BogusBazaar’, deceived over 850,000 individuals in the United States and Europe into making purchases, allowing hackers to steal credit card information and attempt to process approximately $50 million in fraudulent orders.

According to reports, millions of stolen credit card credentials are currently traded on dark web marketplaces, where other threat actors can purchase them and use them for fraudulent online purchases.

BogusBazaar attempted to process orders worth millions of dollars.

According to investigations, the BogusBazaar network has attempted to handle an estimated $50 million in fraudulent sales since its establishment three years ago. Researchers also revealed that most victims are in the United States and Western Europe.

However, a notable aspect of these attacks is that no victims at all have been reported from China, which adds to the rumours that the attackers came from that country.

The fraudsters manage bogus businesses on previously expired domains with an excellent Google reputation, generally claiming to sell shoes and apparel at cheaper prices. The sites are built semi-automatically and include custom names and logos to make them more believable to unknowing customers.

Most of the damage from these sites came from payment pages that capture victims’ contact and credit card information or steal money through online payment platforms, such as PayPal.

Researchers also stated that this cybercrime group is divided into multiple teams with specific functions that operate under an infrastructure-as-a-service approach.

The BogusBazaar core team deploys infrastructure and appears to operate only a small number of fake webshops. In addition, this team is responsible for developing software, deploying backends, and customising various WordPress plugins that support fraudulent transactions and operations.

According to the researchers, the operation’s management and developers create customised WooCommerce WordPress plugins that the hackers use to steal money and data. Additionally, that team runs only a few bogus shops, probably for testing.

On the other hand, most BogusBazaar stores are run by an extensive, decentralised network of franchisees who use the tools the core team offers to handle their daily business. The webshops, payment gateways, and administrative applications are all within a distinct infrastructure.

Users should be careful when accessing unverified online shopping platforms, especially those offering prices that seem too good to be true, to avoid financial loss or data compromise.
