Web skimming hackers Magecart have breached 3 retail web stores including sports shop Intersport and two of the largest retail chains on the planet, Claire’s, & Icing, according to reports.
Hackers had breached the websites & then hid malicious code to record payment card details punched into checkout forms, says reports emanating from security companies Sanguine Security and ESET.
The companies hit were US based jewellery & accessory giant ‘Claire’s’, group brand ‘Icing’ & a sports retailer, ‘Intersport’ too.
Chris Hauk, Consumer Privacy Champion at Pixel Privacy commented that data skimming attacks like these emphasise that online shoppers should remain vigilant.
Hauk observed “I strongly recommend all online shoppers to pay close attention to their monthly statements, monitoring them for suspicious charges. Users should also set up alerts on their credit & debit cards when available, & invest in credit monitoring, which will alert you to skimming incidents like these, as well as more traditional data breaches.”
Martin Jartelius, CSO at Outpost24 commented that what was the most interesting was that the Intersport site “got breached, remained breached for a few days, recovered & then got breached again!”.
Red Team Engagements
Jartelius further commented “This is a behaviour we have also observed during some Red Team engagements, where monitoring and operations may be in place to recover from unexpected events, but there is a hiccup in the process & security is not brought in. In some cases, operators have been able to reuse the same system for repeated entry into organisations.
“This is a case of working detection but broken recovery, & at best, we as a community can gain from this if others look at this and learn. If there is an unexpected change, & you recover from it – ensure to find out why the unexpected change occurred.”
Claire’s website was breached between 25-30 April, together with sister-brand Icing, says Sanguine Security’s Willem de Groot, & antivirus maker ESET explained the website for Intersport was also attacked.
Raif Mehment, VP EMEA, from Bitglass noted that payment card-skimming malware continues to be a security challenge for retailers around the globe.
Mehment concluded “British Airways, Newegg, & now Claire’s have all been victims of Magecart’s malware, highlighting the need for security solutions which monitor for vulnerabilities & threats, across all devices & applications, & in real-time.
“With these capabilities, retailers can be proactive in detecting & thwarting breaches before they happen, ensuring that their customers’ sensitive information is protected.”