100+ ecomm sites under hacker attack

Qihoo 360's NetLab, a Chinese cybersecurity firm, spent months researching to reveal an ongoing hacker attack that involves more than 100 e-commerce websites

1920

The hackers are currently stealing payment card information from customers visiting the hacked websites.

Researchers found that hackers have been injecting malicious JavaScript scripts into hundreds of online shopping websites. This all comes through the malicious domain www.magento-analytics[.]com.

The JS scripts include a CC info skimming code that, when executed, automatically steals payment information.

The researchers said that all these affected websites are running over Magento CMS software.

It gets worse though. Apparently, this attack has been ongoing for at least 5 months now!

The full list of sites in Netlab 360’s report is:

adirectholdings[.]com
adm[.]sieger-trophaen[.]de
adventureequipment[.]com[.]au
alkoholeswiata[.]com
alphathermalsystems[.]com
ameta-anson[.]com
ametagroup[.]com
ametawest[.]com
appliancespareparts[.]com[.]au
armenianbread[.]com
autosportcompany[.]nl
bagboycompany[.]com
boardbookalbum[.]biz
boardbookalbum[.]com
boardbookalbum[.]net
boardbookalbums[.]biz
boardbookalbums[.]net
burmabibas[.]com
businesstravellerbags[.]com
clotures-electriques[.]fr
cltradingfl[.]com
colorsecretspro[.]com
connfab[.]com
cupidonlingerie[.]fr
devantsporttowels[.]com
diamondbladedealer[.]com
digital-2000[.]com
emersonstreetclothing[.]com
equalli[.]com
equalli[.]co[.]uk
equalli[.]de
eu[.]twoajewelry[.]com
eyeongate[.]net
fitnessmusic[.]com
fluttereyewear[.]com
freemypaws[.]info
gabelshop[.]ch
gosuworld[.]com
hotelcathedrale[.]be
huntsmanproducts[.]com[.]au
iconicpineapple[.]com
ilybean[.]com
imitsosa[.]com
jasonandpartners[.]com[.]au
jekoshop[.]com
jekoshop[.]de
junglefeveramerica[.]com
kermanigbakery[.]com
kermanigfoods[.]com
kings2[.]com
koalabi[.]com
lamajune[.]com
li375-244[.]members[.]linode[.]com
libertyboutique[.]com[.]au
lighteningcornhole[.]com
lighting-direct[.]com[.]au
lightingwill[.]com
liquorishonline[.]com
lojacristinacairo[.]com[.]br
magformers[.]com
maxqsupport[.]com
mdcpublishers[.]com
meizitangireland[.]com
monsieurplus[.]com
mont[.]com[.]au
mtbsale[.]com
noirnyc[.]com
nyassabathandbody[.]com
pgmetalshop[.]com
pinkorchard[.]com
pizzaholic[.]net
powermusic[.]com
prestigeandfancy[.]com
prestigebag[.]com
prestigefancy[.]com
prestigepakinc[.]com
prettysalonusa[.]com
promusica[.]ie
qspproducts[.]com
qspproducts[.]nl
qspracewear[.]nl
rightwayhp[.]com
safarijewelry[.]com
schogini[.]biz
shopatsimba[.]com
spalventilator[.]nl
spieltraum-shop[.]de
storageshedsoutlet[.]com
stylishfashionusa[.]com
suitpack[.]co[.]uk
svpmobilesystems[.]com
task-tools[.]com
tiroler-kraeuterhof[.]at
tiroler-kraeuterhof[.]com
tiroler-kraeuterhof-naturkosmetik[.]com
ucc-bd[.]com
ussi-md[.]com
utvcover[.]com
vezabands[.]com
vitibox[.]co[.]uk
waltertool[.]info
waltertool[.]org
waltertools[.]com
workoutmusic[.]com

The Hackers News suggests that websites administrators follow best security practices, such as applying latest updates and patches, limiting privileges for critical systems and hardening web servers.

Whereas online shoppers are advised to regularly review their CC and report even small unauthorized transactions.

100+ ecomm sites under hacker attack

LEAVE A REPLY

Please enter your comment!
Please enter your name here