Login

Register

Login

Register


A website set-up to accept donations for victims of the devastating Australian bushfires has become a victim itself — of digital skimming code designed to harvest card details.

Security researchers at Malwarebytes took to Twitter to reveal the problems that hit the unnamed donations site, which was raising money for those affected by fires in Lake Conjola that have destroyed scores of homes.

In such Magecart-style attacks, hackers typically inject malicious JavaScript into payment pages to harvest card and personal data as it is entered in by shoppers, or in this case, donators to a worthy cause. It is then exfiltrated to an external domain under the attackers’ control.

It’s a tried-and-tested method for data theft that lands the attackers with a complete set of information for each victim, worth more on the dark web than individual components.

In this incident, the malicious script in question was identified as “ATMZOW” and the known bad domain it exfiltrated data to was spotted as vamberlo[.]com.

Replying to the post on Twitter, Troy Mursch of security firm Bad Packets claimed that the same malicious script had been identified targeting an additional 39 separate websites.

Deepak Patel, security evangelist at PerimeterX, argued that Magecart attackers have hit new lows with this latest raid.

“Given the lack of visibility into such client-side attacks, the website owners often find out about the data breach days or weeks after the code injection. This extended time allows skimmers to monetize the stolen cards to the fullest extent,” he explained.

“Any site that processes user PII and accepts payments should take steps to shore up their application security by tracking and monitoring first- and third-party code execution on their sites in real time.”

RiskIQ last year claimed to have identified over two million Magecart detections in the wild — a sign of its growing popularity among black hat data thieves.



____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW