Friday, April 23, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets

June 9, 2020
in Internet Privacy
Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to swipe credit card information and carry out malvertising campaigns.

In a new report shared with The Hacker News, cybersecurity firm RiskIQ said it identified three compromised websites belonging to Endeavor Business Media last month that are still hosting JavaScript skimming code — a classic tactic embraced by Magecart, a consortium of different hacker groups who target online shopping cart systems.

You might also like

Cybercriminals Using Telegram Messenger to Control ToxicEye Malware

Cost of Account Unlocks, and Password Resets Add Up

Researchers Find Additional Infrastructure Used By SolarWinds Hackers

The unpatched affected websites host emergency services-related content and chat forums catering to firefighters, police officers, and security professionals, per RiskIQ.

  • www[.]officer[.]com
  • www[.]firehouse[.]com
  • www[.]securityinfowatch[.]com

The cyber firm said it hasn’t heard back from Endeavor Business Media despite reaching out to the company to address the issues.

As a consequence, it’s working with Swiss non-profit cybersecurity firm Abuse.ch to sinkhole the malicious domains associated with the campaign.

Amazon S3 (short for Simple Storage Service) is a scalable storage infrastructure that offers a reliable means to save and retrieve any amount of data via a web services interface.

cybersecurity

These virtual credit card skimmers, also known as formjacking attacks, are typically JavaScript code that Magecart operators stealthily insert into a compromised website, often on payment pages, designed to capture customers’ card details in real-time and transmit it to a remote attacker-controlled server.

Last July, RiskIQ uncovered a similar Magecart campaign leveraging misconfigured S3 buckets to inject digital credit card skimmers on 17,000 domains.

credit card skimmer code

In addition to using JavaScript to load the skimmer, RiskIQ said it discovered additional code that it calls “jqueryapi1oad” used in connection with a long-running malvertising operation that began in April 2019 and has infected 277 unique hosts to date.

“We first identified the jqueryapi1oad malicious redirector — so named after the cookie we connected with it — in July of 2019,” the researchers said. “Our research team determined that the actors behind this malicious code were also exploiting misconfigured S3 buckets.”

The code sets the jqueryapi1oad cookie with an expiration date based on the outcome of a bot check and creates a new DOM element in the page into which it’s been injected. Then it proceeds to download additional JavaScript code that, in turn, loads a cookie associated with Keitaro traffic distribution system (TDS) to redirect traffic to scam ads tied to HookAds malvertising campaign.

flash player

“The domain futbolred[.]com is a Colombian soccer news site that’s in the top 30,000 of global Alexa rankings. It also misconfigured an S3 bucket, leaving it open to jqueryapi1oad,” the researchers said.

To mitigate these threats, RiskIQ recommends securing S3 buckets with the right level of permissions, in addition to using Access Control Lists (ACLs) and bucket policies to grant access to other AWS accounts or to public requests.

“Misconfigured S3 buckets that allow malicious actors to insert their code into numerous websites is an ongoing issue,” RiskIQ concluded. “In today’s threat environment, businesses cannot move forward safely without having a digital footprint, an inventory of all digital assets, to ensure they are under the management of your security team and properly configured.”


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

Cyberpunk 2077 Launch Snub Pours Gasoline to Google Stadia Dumpster Fire

Next Post

ASIO boss calls for law enforcement cooperation from tech giants

Related Posts

Cybercriminals Using Telegram Messenger to Control ToxicEye Malware
Internet Privacy

Cybercriminals Using Telegram Messenger to Control ToxicEye Malware

April 23, 2021
Cost of Account Unlocks, and Password Resets Add Up
Internet Privacy

Cost of Account Unlocks, and Password Resets Add Up

April 23, 2021
1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them
Internet Privacy

Researchers Find Additional Infrastructure Used By SolarWinds Hackers

April 22, 2021
Facebook Busts Palestinian Hackers’ Operation Spreading Mobile Spyware
Internet Privacy

Facebook Busts Palestinian Hackers’ Operation Spreading Mobile Spyware

April 22, 2021
Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations
Internet Privacy

Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations

April 22, 2021
Next Post
ASIO boss calls for law enforcement cooperation from tech giants

ASIO boss calls for law enforcement cooperation from tech giants

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

King Island connectivity upgrade to include 110km radio link across Bass Strait
Internet Security

King Island connectivity upgrade to include 110km radio link across Bass Strait

April 23, 2021
IoT in Telecommunications: Challenges, Opportunities, Benefits & The Future
Data Science

IoT in Telecommunications: Challenges, Opportunities, Benefits & The Future

April 23, 2021
Your Doctor’s Assistant is AI 
Artificial Intelligence

Your Doctor’s Assistant is AI 

April 23, 2021
Machine learning model generates realistic seismic waveforms
Machine Learning

Machine learning model generates realistic seismic waveforms

April 23, 2021
Website Image Optimization Guide | Infographic
Marketing Technology

Website Image Optimization Guide | Infographic

April 23, 2021
Malware and ransomware gangs have found this new way to cover their tracks
Internet Security

Malware and ransomware gangs have found this new way to cover their tracks

April 23, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • King Island connectivity upgrade to include 110km radio link across Bass Strait April 23, 2021
  • IoT in Telecommunications: Challenges, Opportunities, Benefits & The Future April 23, 2021
  • Your Doctor’s Assistant is AI  April 23, 2021
  • Machine learning model generates realistic seismic waveforms April 23, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates