Attackers crack Newegg’s defenses, slurp customers’ credit card data zunostoresu, bigfatcc

The skimmer, injected into the store’s payment page, harvested credit-card details from the store’s online customers for more than a month
The major electronics and computer hardware retailer Newegg has announced that attackers have compromised its online payments system, potentially scooping up buyers’ credit card data over a period of more than a month.
“Yesterday we learned one of our servers had been injected with malware which was identified and removed from our site,” the company said in a statement on Twitter .
According to reports by threat management outfits RiskIQ and Volexity , which jointly uncovered the breach, the data exfiltration lasted from around August 14 to September 18. The attack relied on malicious JavaScript code that was injected into the store’s payment-processing page, where customers input their credit card details.
The malicious script, which worked on both the website’s desktop and mobile versions, would then forward the data to a server (with a no-longer active domain). The domain, neweggstats.com, was designed to blend in with the legitimate newegg.com website, having been set up for that purpose – and with a valid HTTPS certificate at that – on August 13.
The attack has been attributed to a threat collective known as Magecart, which, according to RiskIQ , is also to blame for the recent breach at British Airways , as well as for the breach at Ticketmaster’s UK site .
The script, which only contains 15 lines, has been removed after RiskIQ and Volexity alerted Newegg to the compromise. While customized to steal data from the Newegg website, the script is similar to the one leveraged in the British Airways compromise, said Volexity.
It’s unclear at this point how many people have been affected. Newegg.com is the 164th most popular website in the US, according to Alexa , and it receives some 50 million visitors per month . All customers who made a purchase on the website between August 14 and September 18 should keep their eyes peeled for any suspicious activity on their bank accounts.
Just as an alternative to the closing statement in this article, which currently reads, “All customers who made a purchase on the website between August 14 and September 18 should keep their eyes peeled for any suspicious activity on their bank accounts.”, I’d offer an alternate: if you made a purchase between these dates, contact your Card provider and insist upon a replacement card. Firstly, it will give you an assurance that your details can’t be misused. Secondly – and more importantly – if everyone does this it is going to start to cost the banks and card issuing companies a lot more money. This, in turn, will force them to be much more strict about the way that companies like NewEgg secure card details. If we keep on ignoring the problem, the parasites [crooks] will win. It’s only if we make the banks and card companies feel the cost that changes will be made to keep out details safe. The solutions are out there, it’s just that the people who need to make the decision to implement them are currently insulated from the problem. Collectively, we need to make them sweat a bit.
zunostoresu bigfatcc