DIY Tool Website Greenworks Hacked By Self-Destructing Web-Skimmer – Expert Reaction

Researchers have observed a highly-sophisticated self-cleaning and self-destructing skimmer on the popular hardware tool website Greenworks. Since the pandemic lockdown there has been an increase in people taking on homeware and gardening improvements.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Ameet Naik
Ameet Naik , Security Evangelist
InfoSec Expert
June 11, 2020 10:23 am

Magecart attacks are continuing to become more sophisticated as seen with the self-cloaking capabilities and anti-tampering protection used in this attack on Greenworks\’ site. Removing the DOM interface to keep the malicious code hidden is yet another malicious tactic. While it helps to stay current with security patches and software updates, businesses need to gain visibility into the client-side in order proactively alert them about Magecart attacks, and significantly shorten the mean time to mitigation.

Last edited 2 years ago by Ameet Naik
1
0
Would love your thoughts, please comment.x
()
x