Holiday Shopping Season Leads to a Surge in Bank Card Skimming
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
An increase in online shopping, particularly during the holiday season or mega-sale events like Black Friday and Cyber Monday results in an uptick in credit card skimming.
Anti-malware solutions company, Malwarebytes, warned customers about the occurrence of data theft through malvertising and phishing websites. ‘’Online stores are not always as secure as you might think they are […]. When a merchant website is hacked, any purchase made has the potential of being intercepted by bad actors.’’
Malwarebytes has been following one particular skimming campaign, dubbed Kritec, that witnessed a dramatic surge in October after slowing down in summer.
First discovered by security vendor Akamai in March 2023 , the campaign’s deployment is different from other Magecart skimmer campaigns. It injects a malicious JavaScript code into legitimate websites, especially ones built on Magento e-commerce platforms. Hidden within or around the Google Tag Manager script, this heavily obfuscated campaign code easily bypasses detection by security solutions, and exfiltrates stolen data to a threat actor controlled remote server (C2).
Malwarebytes noticed this campaign due to the large number of domain names attributed to it. ‘’The threat actors were also taking the time to customize their skimmer for each victim site with very convincing templates that were even localized in several languages,’’ the researchers revealed.
In addition, the company said that the tactic and technique of the campaign made it near impossible for online users to ‘’realize that their credit card information had just been stolen’’.
The infrastructure for this campaign is located on the IT WEB LTD network (ASN200313), registered in the British Virgin Islands.
Samsung Warns UK Customers of Data Breach
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
Samsung informed in an email notification about a cybersecurity incident that is said to have impacted some of its customers in the UK. The data breach compromised personal information of the said individuals.
The South Korean electronics giant said it discovered the incident on November 13, 2023, however, the breach is said to have occurred between 2019 to 2020. When an unknown actor accessed some customer information by exploiting an external vendor application flaw.
According to the company’s notification , ‘’unauthorized individual exploited a vulnerability in a third-party business application we use, and that some personal information of certain customers who made purchases on SEUK’s eCommerce site between July 1, 2019 and June 30, 2020, was affected.’’
Samsung did not share any details about the security incident, or the third-party application that allowed the threat actor to access the information on its eCommerce site.
Its notification revealed that the compromised information included customers’ name, phone number, postal, and email addresses. It assured its customers that the issue did not impact their passwords and financial information like bank or credit card details.
As per the company’s statement, only customers in the UK seem to be affected by the breach; retailers and customers in other parts of the world appear not to be affected by this. Nevertheless, the necessary security measures have been implemented by the organization to resolve this issue. The incident has also been reported to the UK’s Information Commissioner’s Office.
In the last two years, this is the third time that the tech giant’s system has been breached. In late July 2022 , its US customers were impacted by a data breach wherein their personal data was accessed by an unknown attacker. Prior to this, in March 2022 , Samsung disclosed that its system was infiltrated and internal data stolen, including source code related to operations of Galaxy devices. The statement was released after the Lapsus$ hacking group leaked 190GB of stolen files related to the firm.
