Retail Retail

Retail

New Magecart skimmers practice steganography, data transfer via WebSocket

A researcher has discovered a pair of new Magecart-style web skimmers, each one featuring an evasion technique that’s not typically employed by this breed of malware: steganography and the transfer a data via the WebSocket protocol. The researcher, who uses the handle @AffableKraut, posted his two findings on Twitter last month, prompting the team from…

Attackers sink their meathooks into Landry’s restaurants’ payment card data

The Houston-based steakhouse, restaurant and hospitality company Landry’s, Inc. has advised customers of a point-of-sale malware attack that stole payment card data from an order-entry system used to process kitchen and bar orders. According to a company breach notification, Landry’s food and beverage locations typically use point-of-sale terminals featuring end-to-end encryption technology that protects the…

The group allegedly embedded Bluetooth-enabled skimming devices on gas pumps.

Visa warns against new POS attacks, Fin8 fingered as the culprit

Visa has identified three separate attacks that began last summer targeting gas station and hospitality merchant’s point of sale systems with the cybergang Fin8 being considered the likely perpetrator. The credit card company’s Payment Fraud Disruption department found that two unnamed “fuel dispenser merchants” and a North American company in the hospitality field were infiltrated,…

Magecart skimmer group guns for Smith & Wesson’s Black Friday sales

The e-commerce website of weapons manufacturer Smith & Wesson has been targeted by a Magecart payment card-skimming group that’s been using lookalike domain names to impersonate payment anti-fraud company Sanguine Security. The Smith & Wesson website was compromised with a JavaScript-based skimmer last Wednesday, Nov. 27 – in time to steal card information for any…

Bed Bath & Beyond declares data incident

Home goods retailer Bed Bath & Beyond yesterday disclosed in a Securities & Exchange Commission 8-K filing that an unauthorized third party illegally accessed one percent of its online customers’ accounts. The online intruder acquired the account emails and passwords from a “source outside the company’s systems,” the Union Township, N.J. retailer reported. Based on…

DDoS attackers claim to be Russian APT group, demand ransom

A group of extortionists claiming to be the Russian APT group Fancy Bear launched a ransom denial of service (RDoS) campaign against numerous industry sectors earlier this month, demanding a payment of 2 Bitcoin to stop bombarding victims with amplified traffic. In all likelihood, the attackers are not truly members of a Russian intelligence agency’s…

Fraudsters boldly entered the store to plant skimming devices.

Skimming malware found on American Cancer Society’s online store

One Magecart group decided that helping cancer victims is not enough of a reason to deter them from hitting the American Cancer Society’s online store with skimming malware. Sanguine Security found the malware on www.shop.cancer.org/ hiding behind the GoogleTagManager code. The store sells t-shirts emblazoned with the organization’s logo. “It searches for “’checkout’ (Y2hlY2tvdXQ=) and…

Phishing scam targets users of Stripe payment processing service

Cybercriminals have devised a phishing campaign that that takes aim at customers of the online payment processing company Stripe, with the intention to steal their credentials, compromise their accounts and presumably view their payment card data. The attackers employ two clever tricks to hide their malicious activity. First, they use a technique to block email…

Magecart attack on e-commerce service impacts Sesame Street store and many more

Magecart hackers found out how to get to Sesame Street’s online store – and in all likelihood thousands more merchants – by initially compromising e-commerce and shopping cart service provider Volusion to deliver the credit card-skimming code. Israel-based security researcher Marcel Afrahim, who for his day job works as a research developer at Check Point…

Next post in Security News