Newegg Electronic Retailers Suffered a Data Breach and Hackers Stole Customers Credit Card Data

latest hack news

Popular computer hardware and electronics retailers Newegg has suffered a data breach, and the hackers stole credit card data of an unknown number of customers.

According to the joint investigation conducted by Volexity and RiskIQ Magecart cybercrime group was behind the attack.

Hackers stole credit card detail of all customers who used made purchases between August 14 and September 18, 2018.

The researchers said that hackers inserted a malicious javascript code into the checkout page of Newegg website.

The code will collect all the payment data of customers who make purchases on the website and sent to a remote server.

“Volexity was able to verify the presence of malicious JavaScript code limited to a page on secure.newegg.compresented during the checkout process at Newegg. The malicious code specifically appeared once when moving to the Billing Information page while checking out. “

“This page, located at the URL https://secure.newegg.com/GlobalShopping/CheckoutStep2.aspx, would collect form data, siphoning it back to the attackers over SSL/TLS via the domain neweggstats.com.” said int eh analysis published by Volexity.

On August 13, Hackers registered a domain called neweggstats.com similar to Newegg real domain and also acquired a certificate issued for their domain by Comodo to make it authentic.

Next day they inserted the skimmer code into the Newegg payment page. As the skimmer code was inserted into the payment processing page itself not in the script, it will not be activated until the payment page was hit.

Usually, a customer who purchases a product from an online store will first select their product and move it into the shopping cart. After that as the first step of checkout option, they will enter their delivery information.

In final step customer will be taken into the payment processing page to enter their credit card details.
When the customer clicks the submit button after the credit card data the skimmer code inserted in the page will send a copy of the credit card data to attacker domain.

Newegg said that they have started notifying customers about the breach through email and customers who purchase through Newegg website between August 14 and September 18, 2018, are advised to check their bank account for any suspicious transaction and if found immediately contact your bank and block your credit card.

Newegg

Researchers said that the breach affected both the desktop and mobile application and the exact number of customers who were by the breach is still unknown.

Earlier the Magecart cybercrime group also hacked the British Airways website and mobile application and stole payment card of 380,000 customers.

For the latest cyber threats and the latest hacking news please follow us on Facebook and Twitter.

Comments

Please rate this content