Cybercriminals don’t discriminate when it comes to stealing credit card numbers, and the American Cancer Society is no exception. A group of cybercriminals known as Magecart created a malware code that was designed to steal credit card numbers from the American Cancer Society’s online store page.
The page allowed customers to purchase t-shirts, books, greeting cards, and other products with the Society’s logo. The malicious code running in the background was disguised as legitimate analytics code so that it was more difficult to discover. Security researcher Willem de Groot found the malware on October 24th and notified the Society immediately.
De Groot explained that the credit card numbers that were collected were collected and sent to a third-party server which was operated by a member of Magecart. The intent was to sell the credit card numbers on the Dark Web. When de Groot decoded the malware, he found the web address of the hacker’s third-party server. The domain is registered in Moscow but gives no information as it displays as a decoy page.
While the specifics of how many people were affected are not known, the malware is suspected to have been enacted last week, meaning users who purchased from the store in that time should contact their card provider.
The Dangers of a Loose Cannon Cybercriminal
The Magecart groups focus their efforts on compromising one piece of third-party software or infect an industrial process. The issue is that eCommerce sites that use shopping carts and collect payment methods don’t evaluate the code used with these portions of the site. Magecart is known for several online attacks on companies including:
The attackers have no preference as to the size of business they go after, leaving anyone with eCommerce operations at risk. The way they implement their malware changes with how the code is set up on a site and have evolved over time. Magecart members now infect users through bad ad banners, exposing outdated coding, and overtaking customer plug-ins.
Protecting Your Business from Malware Attacks
There are several preventative measures that companies can take to protect themselves from malware. Some of the easiest actions are to host as many of your third-party scripts on your own servers as you can and make sure modified scripts are not loaded without permission. You can find more tips on safe eCommerce practices here. Overall, be sure that you have cyber insurance that can cover this type of crime so that your business doesn’t take a hit to its finances or reputation.
If your business has experienced a malware attack, let the experts at Secure Forensics help. Our certified examiners can detect malware, find out when the infiltration occurred, and what data was compromised. Call 1-800-288-1407 to learn more.