‘Distributed guessing’ attack lets hackers verify Visa card details
Add credit card fraud to the list of things that distributed processing can speed up. An e-commerce site will typically block a credit card number after 10 or 20 failed attempts to enter the corresponding expiry date and CVV (card verification value), making life difficult for fraudsters who don't have a full set of credentials. But there are plenty of e-commerce sites out there, and it's possible to obtain missing account details by submitting slightly different payment requests to hundreds of them in parallel. It takes less than six seconds to perform the "distributed guessing attack," according to the researchers at Newcastle University in the U.K. who figured out how to do it.To read this article in full or to leave a comment, please click here