Hackers target real estate websites with skimmers to carry out a supply chain attack on more than 100 real estate websites operated by Sotheby’s Realty. The threat actors inject malicious skimmers on such websites to steal sensitive personal information.
The researchers further said, “The attacker altered the static script at its hosted location by attaching skimmer code. Upon the next player update, the video platform re-ingested the compromised file and served it along with the impacted player.” This also worked with the video service and the real estate company to help remove the malware.
According to MalwareBytes, the campaign started in early January 2021 where the hackers managed to harvest information such as names, emails, phone numbers, credit card data from a remote server “cdn-imgcloud[.]com”. It also functioned as a collection domain for a Magecart attack targeting Amazon CloudFront CDN in June 2019.
Users are recommended to conduct web content integrity checks on a periodic basis to detect and prevent injection of the malicious code into online sites. They should also safeguard accounts from takeover attempts and watch out for potential social engineering schemes.
On a concluding note, the researchers said, “The skimmer itself is highly polymorphic, elusive and continuously evolving. When combined with cloud distribution platforms, the impact of a skimmer of this type could be very large.”
SlimPay fined €180k after having 12 million customers’ data publicly accessible for five years.
Fake Telegram Messenger App Hacking PCs with Purple Fox Malware
Apple’s iOS Mobile Operating System is Vulnerable to New HomeKit ‘doorLock’ Bug