Boom! Mobile’s U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said.

Boom! is a wireless provider that resells mobile phone plans from Verizon, AT&T and T-Mobile USA, under its own brand and with its own perks (the company boasts “great customer service” and no contracts). Up until yesterday, the provider’s main website was hosting malicious code, which lurked on the online checkout page and harvested online shoppers’ details.

The approach is reminiscent of core Magecart group attacks, but in this case, the attack was the work of the Fullz House group, according to Malwarebytes, which is a Magecart splinter group that’s mainly known for its phishing prowess.

“Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happened to be vulnerable,” Malwarebytes researchers said in a Monday post.

According to a review from Sucuri, boom[.]us was running PHP version 5.6.40, which reached end-of-life in January 2019. As of this writing, the website still has outdated status.

“This may have been a point of entry but any other vulnerable plugin could also have been abused by attackers to inject malicious code into the website,” researchers pointed out.

#breach #hacks #malware #vulnerabilities #web security #boom mobile #credit card skimmer #customer data #e-commerce #fullz house #magecart #website #wireless service provider