Hundreds of Online Shopping Sites Vulnerable to Theft
Clever Trickery to Disguise the Hacking Activities
Although the way the affected websites were infected remains unknown, it has been determined that all of the affected e-commerce sites run on the Magento e-commerce CMS platform. The malicious domain, named www.magento-analytics[.]com, has no connection to the popular CMS platform whatsoever despite its similar name. The use of the CMS platform’s name as part of the malicious domain’s name is merely a ruse to confuse customers and thus to disguise the malevolent activity. Researchers discovered that www.magento-analytics[.]com is registered in Panama, but that the IP address that it used has jumped across the globe to countries including the United States, Russia, and China.
How the Hack is Perpetrated
The hacking technique used in this cybercrime is a fairly classic method of stealing digital data. The code is identical to what the notorious Magecart hackers used to gain access to the details of customers on the British Airways, Newegg, and Ticketmaster websites. Malicious script is inserted into checkout pages where it silently captures payment details as shoppers make their purchases. The information is then sent to a remote server where it is retrieved by the hackers.
Be Cyber Safe
Customers shopping online would do well to practice basic personal oversight of their credit cards and bank statements. Any unauthorized transaction appearing there, no matter how minute, should be reported immediately.