According to the report Kromtech Security, fraud, stealing credit cards, to launder illegally obtained money through Clash of Clans and other popular games.
Criminals also use gaming infrastructure such famous mobile apps like Clash Royale and Marvel Contest of Champions.
The mechanism of withdrawal is the same everywhere. Getting access to data credit card of the victim, the fraudsters buy various in-game resources — useful artifacts, weapons and ammunition. Then they sell these things to other players and earned the money transferred to their accounts.
Many developers encourage the development of trade between players, because it brings them a sum that is comparable to the sales of the game. The situation is complicated by the fact that trace the history of the transaction is problematic, and to prove that removed from the game the money was obtained illegally, is almost impossible.
To launder money through Clash of Clans and other games, cyber-criminals have created a database which contains more than 37 million records with the numbers and CVC codes for credit cards. They’ve adjusted the algorithms so that funds are debited automatically. This allowed the attackers not only save you time, but also to protect themselves.
The disclosed scheme lasted about a month. To work often used a dummy Apple account. A iPhone, jailbroken with jailbreak, allow to generate any number of such ID.
It is difficult to say how many managed to make the attackers. Kromtech Security staff sent copies of reports to the U.S. Department of justice and the creators of games. Perhaps this will allow us to take actions that will complicate the lives of fraudsters.