440+ Online Shops Hacked to Install Credit Card Stealing Malware

Threat actors have been identified to have compromised more than 440+ online merchants to steal customers’ credit card or payment data. It has been discovered that threat actors have been using the digital sniping technique to steal these data.

However, all the merchants have been notified about this compromise and recommended to take necessary actions to prevent these attacks. Europol and Group-IB have acted together alongside ENISA and EMPACT in gathering the threat intelligence data for this operation.

17 Countries and 132 Sniffers

Read moreBuilding cyber skills and roles from CyBOK foundations

According to the reports shared with Cyber Security News, the threat intelligence data gathered about this Digital Skimming attack revealed that threat actors have been using JavaScript sniffers on compromised websites to collect payment data.

23 Detected sniffer families were found, inclusive of ATMZOW, health_check, FirstKiss, FakeGA, AngryBeaver, Inter, and R3nin, which were used against companies in 17 different countries in the European Union, including Colombia, Croatia, Finland, Germany, Georgia, Hungary, Moldova, Netherlands, Poland, Romania, Spain, United Kingdom, and the United States.

Data Theft Goes Unnoticed Often

Read moreAccessibility as a cyber security priority

Digital Skimming goes unnoticed for a long period as the collected data could be used by threat actors by any means. Most often, they are sold in Darknet marketplaces, which are then used by other underground cybercriminals for illicit transactions.

Moreover, Customers and Merchants cannot know that their data was compromised unless an illegal transaction has been made. This operation was conducted after several information was collected about the threat actors.

Read moreNew interactive video - and related downloads - to help secondary school kids stay safe online

The collected threat intelligence data comprises infected websites, detected malware signatures, the extracted domains, gates, and URLs used by attackers to collect data or load other malware, as well as instructions on where to find the malware used to launch digital skimming attacks.

Furthermore, a complete report about this operation has been published, providing detailed information about the operations, actions, and other information.

Read moreNigerian Cybercrime Ring's Phishing Tactics Exposed

The post 440+ Online Shops Hacked to Install Credit Card Stealing Malware appeared first on Cyber Security News.

   Read More 

Read moreS3 Ep135: Sysadmin by day, extortionist by night

Cyber Security News 

Related Posts

React Developer Tools Flaw Let Attackers Launch a DDoS Attack

React Developer Tools Flaw Let Attackers Launch a DDoS Attack

React Developer Tools is an essential tool for developers as it allows them to effectively inspect React components, modify the properties and state of these components, and pinpoint any performance issues. 

With this tool, developers can easily optimize the performance of their React applications, ensuring a smooth and efficient user experience.

React Developer Tools were found to have a vulnerability by Calum Hutton. The flaw is in the validation process of the URL that is retrieved by the browser. This means that there is a potential for security breaches through this loophole.

If you are using React Developer Tools version 4.27.8, be aware that a flaw has been identified. However, the good news is that the issue has been resolved with the latest version, 4.28.4. It is highly recommended to update to the latest version to ensure that your system is free from vulnerabilities.

Document

FREE Demo


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Arbitrary URL Fetch via Malicious Web Page

The React Developer Tools extension registers a message listener in a content script accessible by a webpage active in the browser.

When the listener code requests the URL derived from the received message, the URL is not validated, which allows a malicious web page to fetch URLs via the victim’s browser arbitrarily.

“The content of the response is not returned to the malicious webpage, the impact of this issue is limited, i.e, sensitive resources available only to the victim cannot be retrieved,” reads the technical report.

One of the vulnerabilities that attackers can exploit involves generating ad clicks, enabling attackers to generate revenue. The same technique can also be combined with other browsers to launch a distributed denial-of-service (DDoS) attack without the knowledge or consent of the victim.

Proof-of-concept has been published, explaining how a crafted message triggers the above switch statement when clicking a button.

“In reality, it’s likely that the malicious web page would automatically send messages to the extension without the need for user interaction,” says Calum Hutton.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.

The post React Developer Tools Flaw Let Attackers Launch a DDoS Attack appeared first on Cyber Security News.

   Read More 

Cyber Security News