Software nasty can burn through 1.7 million account numbers per hour
Cybercrooks are using a bot to automate the process of breaking into and draining online gift card accounts.
The software nasty, named GiftGhostBot, attempts to steal cash from money-loaded gift cards provided by a variety of retailers around the globe, according to Distil Networks.
Any website – from luxury retailers to supermarkets to major coffee distributors – with gift card processing capabilities could be a target. Distil has seen this attack on almost 1,000 websites since it first detected it late last month.
Fraudsters are using the bespoke cybercrime tool to generate lists and lists of account numbers, and request the balance for each number. Whenever this brute-force attack throws up an actual balance, rather than an error or zero, the account number is automatically logged.