Expert Insight On Hackers Hit NutriBullet Website With Credit Card-Stealing Malware

As reported by TechCrunch, Magecart hackers have struck again, this time targeting the NutriBullet website. Hackers broke into the blender maker’s website several times over the past two months, injected malicious credit card-skimming malware on its payment pages and siphoned off the credit card numbers and other personal data — like names, billing addresses, expiry dates and card verification values — of unsuspecting blender buyers.

Experts Comments

March 18, 2020
Jake Moore
Cybersecurity Specialist
ESET
At a time like this, many companies may take their eye off the ball, but these threat actors are persistent and will exploit anywhere they can. The automated nature of these attacks suggests that the code used in the website was not properly secured as the attackers were able to automatically spot which sites had vulnerabilities. This highlights the need for web developers, especially ones dealing with inputs of sensitive information like credit cards, to keep updated for any discovered.....Read More
At a time like this, many companies may take their eye off the ball, but these threat actors are persistent and will exploit anywhere they can. The automated nature of these attacks suggests that the code used in the website was not properly secured as the attackers were able to automatically spot which sites had vulnerabilities. This highlights the need for web developers, especially ones dealing with inputs of sensitive information like credit cards, to keep updated for any discovered vulnerabilities to reduce exposure. The likes of Ticketmaster and British Airways have been struck in the past like this so these attackers are aiming big.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.