Online Bedding Retailers MyPillow and Amerisleep Targeted in new Magecart Campaign


Security researchers have revealed details of two new attacks by the Magecart cybercriminal group targeting online bedding retailers MyPillow and Amerisleep.

According to a new report published by RiskIQ, hackers compromised both websites and stole payment card information.

In Magecart attacks, attackers inject a malicious piece of JavaScript code into the checkout page of the compromised website, collect all the data entered by the user, and send it to a remote server controlled by the attacker.

The Magecart cybercriminal group is also believed to be behind attacks on several major companies such as British Airways, Newegg, and Ticketmaster.

The MyPillow website was breached in October 2018. The attackers injected skimming code into the site; the code was hosted on a look-alike domain of MyPillow that had an SSL certificate issued by LetsEncrypt.


In the case of Amerisleep, the first attack was discovered in April 2017 and ran until at least October 2017.

The latest attack was discovered in December 2018, when the attackers compromised the website by injecting skimmers hosted on a GitHub account.

“In December 2018, the attackers had used a new skimming setup with a fascinating new method. The attackers abused Github by registering a Github account called “amerisleep” and creating the Github Pages address amerisleep.github.io:” RiskIQ said in its report.

In the recent attack against the company in January this year, the researchers observed that a different skimmer was injected, with conditional checks ensuring that the script would only load on payment pages.

As of now, the skimmer domain has been taken offline, but the injection is still live on the website.

The attack against the MyPillow website was resolved but never disclosed. In the case of Amerisleep, researchers never got any response despite numerous attempts.

In both cases, the companies did not issue any warnings or alerts regarding the breach to their customers.
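Both hosting tricks described above, a look-alike domain and a GitHub Pages host named after the brand, show up as unexpected script sources on the checkout page. The following added example (not taken from the RiskIQ report) audits `<script src>` hosts against an allowlist; the brand `bedshop`, all hosts, and the HTML are constructed sample data.

```javascript
// Added example: audit <script src> hosts on a checkout page.
// All hosts, the brand name and the HTML below are constructed sample data.
function editDistance(a, b) {
  // Levenshtein distance, computed one row at a time.
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1,
                        prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
    }
    prev = cur;
  }
  return prev[b.length];
}

function auditScriptHosts(html, pageUrl, brand, allowedHosts) {
  const findings = [];
  const re = /<script\b[^>]*?\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  for (const m of html.matchAll(re)) {
    let host;
    // Resolve relative sources against the page URL before comparing hosts.
    try { host = new URL(m[1], pageUrl).hostname.toLowerCase(); }
    catch { findings.push({ src: m[1], reason: "unparseable-src" }); continue; }
    if (allowedHosts.includes(host)) continue;
    const labels = host.split(".");
    let reason = "not-on-allowlist";
    // Brand name as a label on a host the site does not control.
    if (labels.includes(brand)) reason = "brand-on-unapproved-host";
    // A label one or two edits away from the brand: likely look-alike.
    else if (labels.some(l => editDistance(l, brand) <= 2)) reason = "lookalike-of-brand";
    findings.push({ host, reason });
  }
  return findings;
}

const SAMPLE_HTML = `
<script src="/js/checkout.js"></script>
<script src="https://cdn.bedshop.example/lib.js"></script>
<script src="https://bedshop.github.io/a.js"></script>
<script src="https://bedsh0p.example/b.js"></script>
<script src="https://stats.tracker.example/t.js"></script>`;

const FINDINGS = auditScriptHosts(SAMPLE_HTML, "https://www.bedshop.example/checkout",
  "bedshop", ["www.bedshop.example", "cdn.bedshop.example"]);
console.log(FINDINGS);
```

A Content-Security-Policy `script-src` directive enforces the same allowlist in the browser; this audit is useful for finding what is already loaded before such a policy is written.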
