Credit card skimming campaign targeting e-commerce websites

Started by Kalyan, Jul 21, 2020, 07:11 AM

previous topic - next topic
Go Down

Kalyan

Credit card skimming campaign targeting e-commerce websites

Researchers at the cybersecurity firm found over a dozen websites which have been compromised with malicious code injections into one of their legitimate JavaScript libraries

Indian Computer Emergency Response Team (CERT-In) on Saturday issued a public warning about a credit card skimming campaign spread through sports, health and e-commerce websites.

In an official post, CERT-In explains attackers are targeting websites hosted on Microsoft's IIS server running with ASP.NET web application framework (used to develop web apps and services).

The problem lies with version 4.0.30319 of ASP.NET which is no longer officially supported by Microsoft and contains multiple vulnerabilities which makes it easier for attackers to exploit them.

CERT-In has advised websites using ASP.NET web framework and IIS web server to use the latest version and conduct security audits of web application, web server and database server, in addition to checking web server directories regularly for any malicious web shell files and remove them before they can be exploited.

CERT-In refers to a recent Malwarebytes Labs report, which found a known vulnerability (CVE-2017-9248) for ASP.NET that has been exploited recently to steal credit card credentials.

Researchers at the cybersecurity firm found over a dozen websites which have been compromised with malicious code injections into one of their legitimate JavaScript libraries.

ASP.NET is a widely used web application framework by websites running shopping cart applications. The compromised websites found by Malwarebytes Labs had a shopping cart which was targeted by attackers.

The skimmer codes injected into the JavaScript libraries are designed to steal credit card numbers as well as passwords.

Researchers point out, the skimming campaign started sometime in April.

Due to covid-19 online transactions and payments have increased considerably. This has widened the attack surface for hackers. While CERT-IN's warning was specific to a few websites that were using the outdated web server framework, in another recent instance attackers have been found to be targeting mobile apps to steal card details.

Cybersecurity firm ThreatFabric has recently detected a new malware called BlackRock which has targeted over 337 Android apps.

It uses overlays (fake window) with keylogger functionality on top of a legitimate app prompting users to enter card details to get access into the app. As the users enter the card details the keylogger captures them to forward to attackers.


source - live mint

Go Up
 

Quick Reply

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Note: this post will not display until it's been approved by a moderator.
Name:
Email:
Verification:
Please leave this box empty:

Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:

shortcuts: alt+s submit/post or alt+p preview
IT Acumens Web Designing Chennai | GinGly :: Build your Personal Website | CineBuzz :: Cinema News | My Kids Diary :: Gift your Kids Memories :: Book Website @ 349 Rs monthly
Copyright 2005 - 2021 :: IT Acumens :: All Rights Reserved. :: XML Sitemap
ITAcumens Discussion Forum with 2 lakhs post running for 15 years - Powered by IT Acumens Pro Dedicated Server

My Kids Diary