Today, new research has been released revealing the truth that for a least a year, North Korean hackers have been stealing card information from large retailers’ customers in the U.S and Europe. And according to researchers, such a fraudulent scheme directs to the Lazarus (Hidden Cobra), a group of nation-state hackers. In the act of exfiltrating the stolen credit card data and hiding the operation, legitimate websites have been used. In the past years, this credit card information stealing incident from customers of online stores is becoming a threat. These are what we commonly known as the MageCart attacks from which hackers use malicious scripts (web skimmers) to copy private information from the checkout page.
The COVID-19 crisis has accelerated society\’s transition to a cashless economy and cybercriminals are clearly taking advantage of the increase in online spending. Online retailers need to be prioritizing their cybersecurity right now. Luckily, that doesn\’t have to be difficult or costly. Following the basics of cyber hygiene can go a long way in preventing these types of breaches which are often due to a simple error like unpatched software. This was the case with British Airways who had the data of 380,000 customers stolen in 2018 using unpatched Magento software. It is critical that businesses keep their e-commerce software up-to-date and review their basic security settings. In addition, they should review all of their users and check everyone who has FTP, SFTP, SCP, SSH, and VPN access.