Not good, is it? Bad guys using custom built scripts to steal card data from payment databases. Botnets. Adware installs. The whole nine yards. For a quick summary of what we found, read this, and this. When you're done with those, you might want to check out our interview with the guy who provided the initial tip-off, RinCe.

My humble opinion? One of the nastiest scams I've come across, and proof (if it were needed..which it isn't) that kids are happily swapping your card details like Pokemon cards and they really couldn't care less. Bottom line - start thinking protection, or else it'll soon be a case of damage limitation.