Hanna Anderson is the latest retail company to be hit by the famous Magecart as credit cards used on the platform have been said to be spotted on the dark web. Magecart hackers have been in the news lately with their ability to infect a website with malicious code to obtain credit card details of customers.
Similar to their previous operations, the payment page of Hanna Anderson was said to have been infected with a skimmer to get access to sensitive information. Hanna Anderson is a Portland-based apparel maker with both a physical and online store.
Image Source: www.cisomag.com
The investigation led to the discovery that Magecart attackers had stolen credit card details through the infection of malicious code from 16 September 2019 to 11 November 2019.
The company admitted that the hackers stole a number of credit card details of customers which includes the customer names, debit/credit card, CVV codes, expiration date, billing address, and shipping address. Customers affected are at risk of identity theft. Not just that, the hackers obtained all the needed information to use the credit card/debit cards to make purchases or payments online. It is advisable that all customers most especially those who used the Hanna Anderson online platform to make payments to constantly check their account statements or credit card activities and report all suspicious activities to the relevant agencies.
Hanna Anderson revealed in a statement that not all customers were affected by the data breach within the stated period. However, all customers who made a payment on the platform within the stated period will be notified of potential access to their credit card details. The company also claimed to have no idea of the number of affected customers. Magecart actors have since 2016 targeted the shopping cart system of e-commerce websites and other platforms that accept payment information. The obtained payment details end up on the dark web as soon as possible before the cards are cancelled.
Magecart hackers also launched an attack on Sweaty Betty, a UK activewear retailer between 19 November 2019 and 27 November 2019 after inserting malicious code on the platform to steal customers’ payment details. In the Sweaty Betty attack, customers who made payment with PayPal and Apple pay were not affected. Similarly, customers who saved their payment information with the site were not affected as the malicious code was inserted to target new customers entering their payment card details.
Magecart hackers have made a lot of companies their victims and used their “difficult to detect” codes to access the payment card details of customers.
How Magecart Hackers Operate
Magecart hackers basically target the shopping cart system or Magento system of websites to steal payment card details of customers. They do this by altering the Magento source.
They also operate by redirecting shopping carts to a website that contains the malware. It has been said that Magecart hackers have over 40 codes injection exploits which are difficult to detect. These can mainly be found by checking the e-commerce code stack line by line for a possible odd code.
Image Source: www.cisomag.com
In their attack on MyPillow, the company was quick to remove the malware. However, the attackers launched a second attack with a more upgraded strategy. Magecart Hackers inserted a skimmer on the MyPillow website and added a new script tag for LiveChat. It was reported that this script tag matched the script usually inserted by the LiveChat. They then proceeded by proxying the standard script returned by the actual LiveChat script and appended the skimmer code right below it according to researchers.
Protecting a website from Magecart is a bit difficult as regular auditing of the platform will not stop this attack. It mainly comes from third-party tags which cannot be detected by regular auditing. It is important for credit card users to be careful with entering their credit card details on smaller websites as they may not have the required security as the bigger websites.
It is also advised that individuals make use of Apple Pay to make online payments. Payment systems like Apple Pay generate unique numbers for each transactions making it irrelevant for any hacker to obtain a card number and reuse it.
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation to the reliance on or usage of any content, goods or services mentioned in this article.