Hackers Compromised Alpaca Forms and Picreel, inserted Malicious Code to 4,600 Websites

the latest hacking news

Cybercriminal has breached Open source Alpaca Forms and analytics service Picreel and infected over 4,600 websites with malicious code.

According to ZDNet hackers have modified javascript files of these both companies and inserted malicious code on to more than 4,600 websites.

The attacks were first spotted by security researcher Willem de Groot, founder of Sanguine Security.

Picreel is an analytic service which helps users to improve their website performance by analysing customer behaviours patterns.

Users need to embed a piece of javascript to their website for the company to perform its activities. Now that piece of javascript code has been modified by hackers.

Alpaca Forms is an open-source project supported by Cloud CMS and is used to create interactive HTML5 forms for web and mobile applications.

Hacker may have breached the CDN (content delivery network) of Cloud CMS and modified one of the Alpaca Form scripts.

The malicious script records all the data user enter in the form fields and sends to a server located in Panama.

The stolen data includes the data from contact forms, payment and login pages.

It is still unknown how the hackers infiltrated into both companies. According to the researcher, the threat actor behind both attacks is the same person.

ZDNet has notified the companies about the issue and Cloud CMS responded by saying they have disabled the CDN that was serving the modified Alpaca Form scripts.

At the time of writing Picreel has also removed the malicious codes from their files.

The malicious script inserted in Picreel has already infected  1,249 websites and in the case of Alpaca Forms, it has infected 3,435 domains.

For the latest cyber threats and the latest hacking news please follow us on FacebookLinkedin and Twitter.

You may be interested in reading: New Emotet Trojan Variant Uses Compromised Devices as Proxy C&C Servers


Please rate this content