Comment: North Korean Hackers’ Involvement to Credit Card Stealing Attacks on US Stores

By   ISBuzz Team
Writer , Information Security Buzz | Jul 06, 2020 04:28 am PST

Today, new research has been released revealing the truth that for a least a year, North Korean hackers have been stealing card information from large retailers’ customers in the U.S and Europe. And according to researchers, such a fraudulent scheme directs to the Lazarus (Hidden Cobra), a group of nation-state hackers. In the act of exfiltrating the stolen credit card data and hiding the operation, legitimate websites have been used. In the past years, this credit card information stealing incident from customers of online stores is becoming a threat. These are what we commonly known as the MageCart attacks from which hackers use malicious scripts (web skimmers) to copy private information from the checkout page.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jamie Akhtar
Jamie Akhtar , CEO and Co-founder
July 6, 2020 12:31 pm

The COVID-19 crisis has accelerated society\’s transition to a cashless economy and cybercriminals are clearly taking advantage of the increase in online spending. Online retailers need to be prioritizing their cybersecurity right now. Luckily, that doesn\’t have to be difficult or costly. Following the basics of cyber hygiene can go a long way in preventing these types of breaches which are often due to a simple error like unpatched software. This was the case with British Airways who had the data of 380,000 customers stolen in 2018 using unpatched Magento software. It is critical that businesses keep their e-commerce software up-to-date and review their basic security settings. In addition, they should review all of their users and check everyone who has FTP, SFTP, SCP, SSH, and VPN access.

Last edited 3 years ago by Jamie Akhtar

Recent Posts

Would love your thoughts, please comment.x