Magecart hackers targeting e-commerce sites selling fake Nike and Adidas shoes
Friday, December 13, 2019
The list of e-commerce websites that sold counterfeit shoes by advertising them as Nike, Adidas, and Converse products and had malicious skimmers in their code is available to view on Malwarebyte's blog post. The firm said that to prevent hackers from stealing their credit card information, buyers should minimise the number of times they enter their credit card information on shopping websites and should check if the websites they visit are being maintained properly.
"Given the multitude of external content on modern web pages, especially on e-commerce websites, it’s extremely complicated to maintain an updated inventory of legitimate external scripts and trackers. Worse, grey e-commerce websites often ignore even the very fundamentals of web application security putting their customers’ data at huge risk. Eventually, the customers are left without any legal recourse given that such websites are located in offshores jurisdictions unreachable under GDPR or CCPA," says Ilia Kolochenko, founder and CEO of ImmuniWeb.
"Magecart attacks [and its vectors] have been around for almost a decade, but now their sophistication and complexity are rapidly evolving, making it an arduous task to detect them. Oftentimes, malicious scripts will remain unnoticed by automated security scanning, disguising themselves as innocent third-party JavaScript," he adds. Read Full Article
Forbes: Hacker Hacks Hacking Platform, Gets Paid $20,000 By The Hackers He Hacked
Forbes: Microsoft Finds Password Security Problem Affecting 44 Million Users