New innovation in web skimming leads to the hijacking of genuine E-commerce website domains.
Web security company Akamai said it has identified and warned victims in North America, Latin America and Europe that their personal data could be leaked and exploited for financial gain. These attacks have been going on for about a month. The hackers have two objectives: to spread their malware to other sites and steal information like credit card credentials from the infected site.
This is a Magecart-style web skimmer which attacks through an existing vulnerability in one of the e-Commerce platforms. In WordPress and WooCommerce it could be in a theme or plugin, on Shopify and the rest of the platforms it is not narrowed down to a single vulnerability but a widened scope of vulnerabilities. This skimmer is innovative in using obfuscating and masking itself as third-party services such as Google Analytics or Google Tag Manager. Akamai says it is still unclear how these sites are being breached through the platforms and their third-party vendors are all being targeted.
What can you do?
Make sure all your e-Commerce users, third-party apps and plugins are updated and that the platform is in the latest version
It has also been recommended to use a Web Application Firewall (WAF) which proactively detects and prevents attacks and probes that the hacker uses when searching for a weakness in your site.
If you have any questions about any of this information and how it can affect you, your business and/or your team. Please reach out to us at Britec.