The infamous criminal collective known as Magecart has successfully infiltrated the Newegg site and stole the stored payment card details stored by the company’s customers. This is a critical breach into the online merchant’s systems as the criminals were able to obtain a very large database of sensitive content. This is a yet-another infiltration of this hacker group which shows that its members are capable of getting into many major online services and companies.
Magecart Hackers Hacked Newegg & Acquired Customer Payment Card Data
The exact attack mechanism that allowed the intrusion is the creation of a similar sounding domain called neweggstats which appears to have been created back in 2015. The hackers have been able to acquire a SSL certificate issued by a legitimate provider. By infiltrating the Newegg servers and specifically the checkout page used by the payment processor. The hacker-controlled page will be the one that will acquire the information.
Both desktop and mobile customers are affected by the breach however the number of affected customers is not known. Statistics showcase that more the site has more than 50 million visitors. The fact that the digital skimmer code was available for a (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/magecart-hackers-stole-customers-payment-card-data-newegg/