New Delhi: A hacker group has broken into at least 570 e-commerce stores in 55 countries, including in India, in the last three years, leaking information on more than 184,000 stolen credit cards and generated over $7 million (over Rs 52 crore) from selling compromised payment cards.
Known as "Keeper", the group has been stealing information from these online stores which includes Mumbai-based online jewellery store ejohri.com that was allegedly compromised in February this year, according to the threat intelligence firm Gemini Advisory.
"Over 85 per cent of the victim sites operated on the Magento CMS, which is known to be the top target for Magecart attacks and boasts over 250,000 users worldwide," said the Gemini report.
The country hosting the largest selection of these victim e-commerce sites was the US, followed by the United Kingdom and the Netherlands.
The websites hacked include online bicycle merchant milkywayshop.it, Pakistan-based clothing store alkaramstudio.com, Indonesia-based Apple product reseller ibox.co.id and US-based premier wine and spirits seller cwspirits.com, among others.
The Keeper "Magecart" group has verifiably compromised hundreds of domains and likely extracted payment card information from many more that have yet to be uncovered.
"With revenue likely exceeding $7 million and increased cybercriminal interest in CNP (Card Not Present) data during the COVID-19 quarantine measures across the world, this group's market niche appears to be secure and profitable," said the report.
"Keeper" is likely to continue launching increasingly sophisticated attacks against online merchants across the world.
Gemini uncovered an unsecured access log on the Keeper control panel with 184,000 compromised cards with time stamps ranging from July 2018 to April 2019.
"Extrapolating the number of cards per nine months to Keeper's overall lifespan, and given the dark web median price of $10 per compromised Card Not Present (CNP) card, this group has likely generated upwards of $7 million USD from selling compromised payment cards," the report informed.
In mid-2020, Magecart attacks have become a daily occurrence for small to medium-sized e-commerce businesses.
Operating on an outdated content management system (CMS), utilizing unpatched add-ons, or having administrators' credentials compromised through sequel injections leaves e-commerce merchants vulnerable to a variety of different attack vectors.
Over the past six months, the Gemini team has uncovered thousands of Magecart attacks ranging from simple dynamic injection of malicious code using a criminally hosted domain, to leveraging Google Cloud or GitHub storage services and using steganography to embed malicious payment card-stealing code into an active domain's logos and images.
"The criminals behind this threat constantly evolve and improve their techniques to prey on unsuspecting victims who do not emphasize domain security," the security researchers noted.
For all the latest News, Opinions and Views, download ummid.com App.
Select Language To Read in Urdu, Hindi, Marathi or Arabic.
Independent Tibet not far away: Tseten Wangchuk
MHRD, UGC reject demand to cancel varsity examinations
30K Indian troops in eyeball-to-eyeball confrontation with Chinese PLA
No touching of Kaaba during Hajj 2020
Also Read
Eid al-Adha: PETA hoarding asking people not to slaughter removed
Unbelievable But True: India is Impotence Capital of the World
MP 10th Topper List 2020: Five Muslims Among Top Ten
MP 10th Result 2020 declared; Abhinav, Lakshadeep, Pawan state toppers
PM Modi visits forward location in Ladakh amid tension with China
"Ladakhis say": Rahul Gandhi on LAC situation as Modi lands in Leh
Maharashtra launches dedicated Job Portal, Who can't apply
Gujarat Corona count 36,123; Death rate one of India's highest
Rajasthan Coronavirus count crosses 20K mark Sunday
Finally, 2020 NEET, JEE Main, JEE Advanced rescheduled
2020 NEET and JEE Main to be Postponed or Not: Decision Today