Experts Comments On Magecart Attack On Hotel Websites Through The Supply Chain

By ISBuzz Team
Writer, Information Security Buzz | Sep 20, 2019 04:20 am PST

Roomleader is a digital marketing and web development services provider that helps hospitality companies build out their online booking functionality through its library module, which saves viewed hotel information in visitors’ browser cookies. According to a Trend Micro report, the company was the victim of a Magecart attack. The hackers injected malicious code into Roomleader’s “Viewed Hotels” module, initiating a supply chain attack that has so far infected two hotel chains: one with 107 hotels in 14 countries and the other with 73 hotels in 14 countries.

Usman Rahim, Digital Security and Operations Manager
September 20, 2019 12:27 pm

Managing the digital supply chain is difficult because it requires the right tools and expertise. When third-party code suppliers deliver code to users through the browser and not through a tool that the website publisher/owner uses, the owner has little control of what happens and can’t monitor when something’s afoot. If a third party provides or supports the web application, iframes will fall victim to attack. The only way to protect users is to know who’s providing what code and what that code does to users.

Matan Or-El, Co-Founder and CEO
September 20, 2019 12:23 pm

This latest attack on Roomleader shows that Magecart isn’t going away anytime soon. The attack was designed to steal data from payment forms, including credit card details, names and addresses. To accomplish this, attackers even went so far as to translate their fraudulent forms into eight different languages and create a replacement form that asked for Card Verification Code (CVC) numbers. To avoid these attacks, organizations obviously need to do a better job securing their own servers. However, even organizations that look after their own servers’ security can become exposed through third parties. Clearly, organizations must make it a priority to assess and manage the risk associated with third parties in their cyber supply chain.
