34 matches found
A week in security (January 13 – January 19)
Last week on Malwarebytes Labs: iMessage text gets recipient to disable phishing protection so they can be phished The new rules for AI and encrypted messaging, with Mallory Knodel Lock and Code S06E01 Insurance company accused of using secret software to illegally collect and sell location data ...
Avery had credit card skimmer stuck on its site for months
The consequences of a wave of credit card skimmers—which is normal around the holidays—are starting to show. Label maker Avery has filed a data breach notification, saying 61,193 people may have had their credit card details stolen. On December 9, Avery said it became aware of an attack on its...
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system CMS. "This credit card skimmer malware targeting WordPre...
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication 2FA mandatorily. The enforcement is expected to come into effect starting October 1, 2024. "Accounts with commit access can pu...
Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, t...
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom...
E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop
The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as "Internet Swiping" and "Million Dollar Criminal" earning millions of views, Punchmade has leveraged his considerable followi...
Attention Online Shoppers: Don't Be Fooled by Their Sleek, Modern Looks — It's Magecart!
An ongoing Magecart campaign has attracted the attention of cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users. "The threat actor used original logos from the compromised store and customized a web element known ...
Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released
Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring...
New Golang-based Linux Malware Targeting eCommerce Websites
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common onli...
Someone Snuck a Card Skimmer Into Costco to Nab Shopper Data
Plus: A Robinhood breach, NSO Group spyware, and more of the week's top security news...
Checkout Skimmers Powered by Chip Cards
Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminals chip reader slot. What enables these skimmers to be so slim? They draw their power...
Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer: Even though spotting multiple card skimmer scripts on the same online shop is not unheard of, this one stood out due to its highly specialized nature. "The threat...
A week in security (February 1 – February 7)
Last week on Malwarebytes Labs, we dug into a load of security events. We first peered into how Fonix ransomware was giving up the ghost, swearing off a life of crime and even apologizing for past actions. We looked at a credit card skimmer that found opportunity in the latest Magento 1 hacking...
The most enticing cyberattacks of 2020
This is part one of a two-part series. To read about the strangest cybersecurity events of 2020, read our second story here. In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture o...
Credit card skimmer targets virtual conference platform
Weve seen many security incidents affecting different websites simultaneously because they were loading the same tampered piece of code. In many instances, this is due to what we call a supply-chain attack, where a threat actor targets one company that acts as an intermediary to others. In todays...
Mobile network operator falls into the hands of Fullz House criminal group
Update 2020-10-05: The malicious code has been removed from Boom! Mobiles website Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happene...
Magecart Credit-Card Skimmer Adds Telegram as C2 Channel
The e-commerce card-skimming landscape has a new wrinkle: Cybercriminals affiliated with the Magecart collective are using encrypted messaging service Telegram as a channel for sending stolen credit-card information back to its command-and-control C2 servers. That’s according to researchers who...
Credit card skimmer targets ASP.NET sites
Update: 2020-07-09 A reader contacted us with information about this series of attacks on .NET sites. There is a known vulnerability CVE-2017-9248 for Telerik UI for ASP.NET that is being exploited. An attacker can upload .aspx web shells and get remote code execution. This Telerik page offers...
This Week in Security News: Payment Card Skimmer Attacks Hit 8 Cities and Survey Finds 72% of Remote Workers Have Gained Cybersecurity Awareness During Lockdown
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about eight U.S. cities that recently had payment card data stolen via point-of-sale skimming malware on their Click2Gov online payment...