Popular computer hardware and electronics retailers Newegg has suffered a data breach, and the hackers stole credit card data of an unknown number of customers.
Hackers stole credit card detail of all customers who used made purchases between August 14 and September 18, 2018.
The code will collect all the payment data of customers who make purchases on the website and sent to a remote server.
“This page, located at the URL https://secure.newegg.com/GlobalShopping/CheckoutStep2.aspx, would collect form data, siphoning it back to the attackers over SSL/TLS via the domain neweggstats.com.” said int eh analysis published by Volexity.
On August 13, Hackers registered a domain called neweggstats.com similar to Newegg real domain and also acquired a certificate issued for their domain by Comodo to make it authentic.
Next day they inserted the skimmer code into the Newegg payment page. As the skimmer code was inserted into the payment processing page itself not in the script, it will not be activated until the payment page was hit.
Usually, a customer who purchases a product from an online store will first select their product and move it into the shopping cart. After that as the first step of checkout option, they will enter their delivery information.
In final step customer will be taken into the payment processing page to enter their credit card details.
When the customer clicks the submit button after the credit card data the skimmer code inserted in the page will send a copy of the credit card data to attacker domain.
Newegg said that they have started notifying customers about the breach through email and customers who purchase through Newegg website between August 14 and September 18, 2018, are advised to check their bank account for any suspicious transaction and if found immediately contact your bank and block your credit card.
Researchers said that the breach affected both the desktop and mobile application and the exact number of customers who were by the breach is still unknown.
Earlier the Magecart cybercrime group also hacked the British Airways website and mobile application and stole payment card of 380,000 customers.