Experts Insight On NutriBullet.com Magecart Attack

Researchers have uncovered a Magecart Group 8 attack against blender vendor NutriBullet that installed credit card stealing malware on the company’s website. Security experts provide insight into this attack.

Experts Comments

March 19, 2020
Lamar Bailey
Senior Director of Security Research
Tripwire
Credit Card Skimmers are not just for gas pumps and ATMs. We see them on the internet pretty often since it has become harder to infiltrate a database to gain all of the credit card information. Using skimmers, attackers can intercept the card data before it is transferred and encrypted in the database and, since attackers are getting these numbers in real time, the vast majority of the cards are good to spoof. If a database is breached, a percentage of the cards are no longer valid because.....Read More
Credit Card Skimmers are not just for gas pumps and ATMs. We see them on the internet pretty often since it has become harder to infiltrate a database to gain all of the credit card information. Using skimmers, attackers can intercept the card data before it is transferred and encrypted in the database and, since attackers are getting these numbers in real time, the vast majority of the cards are good to spoof. If a database is breached, a percentage of the cards are no longer valid because they have been replaced or expired, so this data stream is more reliable. Websites, especially those serving as market fronts, should be under strict change control. Any modifications should be traceable to an approved and expected change. If the modification is not, it should automatically be rolled back and an investigation should immediately take place. It is still a major issue when trying to contact organisations to take responsibility disclose security concerns. Every site should have a contact page for security concerns! Emailing or calling support is often very frustrating and leads to a dead-end. The front line support engineers don’t understand the gravity of the situation or have no idea how to route the concerns to the correct group. We often try to contact company leadership via email or LinkedIn but many of these attempts go unanswered because they are assumed to be SPAM or sales tactics.  Read Less
March 19, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
Magecart attacks continue to inject themselves into payment portals on websites, and show no signs of slowing down. It is why it's important for organisations to embed a culture of security so that each team takes on the responsibility not just to embed security in design and deployment - but factor in continuous security assurance so that any unauthorised changes can be quickly detected and investigated. The fact that the website has been compromised 3 times in as many weeks would indicate.....Read More
Magecart attacks continue to inject themselves into payment portals on websites, and show no signs of slowing down. It is why it's important for organisations to embed a culture of security so that each team takes on the responsibility not just to embed security in design and deployment - but factor in continuous security assurance so that any unauthorised changes can be quickly detected and investigated. The fact that the website has been compromised 3 times in as many weeks would indicate some underlying flaw that needs to be addressed urgently.  Read Less
March 19, 2020
Ameet Naik
Security Evangelist
PerimeterX
Magecart attacks are reaching fever pitch with multiple attackers using a variety of techniques to compromise websites and steal credit card numbers. This data is especially valuable on the dark web since it includes all the other information needed to use a stolen credit card online, such as CVV codes, phone numbers, email addresses and ZIP codes. This attack was persistent, with a strong foothold on the website. The attack kept streaming out the stolen data even after several takedown.....Read More
Magecart attacks are reaching fever pitch with multiple attackers using a variety of techniques to compromise websites and steal credit card numbers. This data is especially valuable on the dark web since it includes all the other information needed to use a stolen credit card online, such as CVV codes, phone numbers, email addresses and ZIP codes. This attack was persistent, with a strong foothold on the website. The attack kept streaming out the stolen data even after several takedown attempts by a third party. Businesses need to be faster to react to attacks in order to avoid negative brand impact and to ensure the protection of customer data. As most consumers are now shopping from home, keeping a safe online shopping experience is a must to businesses looking for continuity.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.