Retail

Retail

Hidden Cobra built global exfiltration network for Magecart skimming scheme

Hidden Cobra threat actors are behind a series of attacks aimed at U.S. and European shoppers, using Magecart to skim credit card information from retailers. “Researchers have attributed the activity to HIDDEN COBRA because infrastructure from previous operations was reused,” according to a report from Sansec, which also identified distinctive patterns in the malware code…

Party City celebrates IT risk assessment program; reveals keys to success

At InfoSec World 2020 on Tuesday, a pair of risk officers from Party City offered an inside glimpse into how the $2.1 billion specialty retailer pulled off its first-ever top-down enterprise-wide IT risk assessment. Among the chief success factors they cited were: executive buy-in, the collaboration of skilled partners, assuring adequate resources, well-planned project scoping,…

Magecart skimmed from Claires.com for nearly two months

International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months. Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the…

Retail & IT Security

Magecart skimmer strikes Fitness Depot at checkout

A Magecart credit card skimmer scheme used on Canadian fitness equipment retailer Fitness Depot’s e-commerce system Feb. 18 affected an undisclosed number of customers requesting either at-home delivery or in-store pickup at one of the company’s 40 stores. A bogus form placed on the Fitness Depot website managed to capture names, addresses, email addresses, telephone…

Malicious actor holds at least 31 stolen SQL databases for ransom

A malicious cyber actor or hacking collective has reportedly been sweeping the internet for online stores’ unsecured SQL databases, copying their contents, and threatening to publish the information if the rightful owners don’t pay up. The perpetrator has stolen the copied versions of at least 31 SQL databases, which have been put up for sale…

Favicons found housing credit card skimming malware

Malicious actors set up an entire online repository of malicious, credit card skimmer-laden favicons to lure in companies looking for a graphic to appear their browser tab. Favicons are a branding graphic, also known as a shortcut icon, website icon, tab icon, URL icon or bookmark icon. And while they are normally benign, a cybergang…

NintendoSwitch

Resellers reportedly using bots to buy up in-demand Nintendo Switches

Consumers sheltering in place at home who were hoping to order a Nintendo Switch to stave off cabin fever during the COVID-19 pandemic have reportedly been thwarted by a newly introduced bot program designed to buy up consoles from e-retailers before ordinary humans can. Dubbed Bird Bot, the open-source tool has been used by buyers…

Report: NutriBullet’s website injected with skimmer three times by Magecart Group 8

Since February, a prominent Magecart cybercriminal group has injected the same Java-based payment card skimmer program not one, not two, but three times into the compromised international website of blender manufacturer NutriBullet, researchers from RiskIQ have reported. Each time a skimmer was removed from nutribullet.com, the criminal actors, known as Magecart Group 8, would reintroduce…

No glossing this over: Leaky Estée Lauder database exposes 440M records

The Estée Lauder Companies Inc. accidentally left over 440 million records publicly exposed after failing to password-protect a corporate database, according to a researcher who spotted the oversight. The misconfigured database was found to contain emails in plain text, including those sent from internal email addresses; references to reports and internal documents; and IP addresses,…

Next post in Database security